Cryptanalysis of iterated Even-Mansour schemes with two keys

Itai Dinur, Orr Dunkelman, Nathan Keller, Adi Shamir

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

Abstract

The iterated Even-Mansour (EM) scheme is a generalization of the original 1-round construction proposed in 1991, and can use one key, two keys, or completely independent keys. In this paper, we methodically analyze the security of all the possible iterated Even-Mansour schemes with two n-bit keys and up to four rounds, and show that none of them provides more than n-bit security. Our attacks are based on a new cryptanalytic technique called multibridge which splits the cipher into different parts in a novel way, such that they can be analyzed independently, exploiting its self-similarity properties. After the analysis of the parts, the key suggestions are efficiently joined using a meet-in-the-middle procedure.

As a demonstration of the multibridge technique, we devise a new attack on 4 steps of the LED-128 block cipher, reducing the time complexity of the best known attack on this scheme from 2^96 to 2^64. Furthermore, we show that our technique can be used as a generic key-recovery tool, when combined with some statistical distinguishers (like those recently constructed in reflection cryptanalysis of GOST and PRINCE).

Original language: English
Title of host publication: Advances in Cryptology - ASIACRYPT 2014 - 20th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings, Part I
Editors: Palash Sarkar, Tetsu Iwata
Publisher: Springer Verlag
Pages: 439-457
Number of pages: 19
ISBN (Electronic): 9783662456101
State: Published - 2014
Event: 20th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2014 - Kaohsiung, Taiwan, Province of China
Duration: 7 Dec 2014 to 11 Dec 2014

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 8873
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 20th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2014
Country/Territory: Taiwan, Province of China
City: Kaohsiung
Period: 7/12/14 to 11/12/14

Bibliographical note

Publisher Copyright:
© International Association for Cryptologic Research 2014.

Keywords

  • Cryptanalysis
  • Iterated Even-Mansour
  • LED-128
  • Meet-in-the-middle attacks
  • Multibridge attack

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science
