Full Round Zero-Sum Distinguishers on TinyJAMBU-128 and TinyJAMBU-192 Keyed-Permutation in the Known-Key Setting

Orr Dunkelman; Shibam Ghosh; Eran Lambooij

doi:10.1007/978-3-031-22912-1_16

Full Round Zero-Sum Distinguishers on TinyJAMBU-128 and TinyJAMBU-192 Keyed-Permutation in the Known-Key Setting

Orr Dunkelman, Shibam Ghosh, Eran Lambooij

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

TinyJAMBU is one of the finalists in the NIST lightweight standardization competition. This paper presents full round practical zero-sum distinguishers on the keyed permutation used in TinyJAMBU. We propose a full round zero-sum distinguisher on the 128- and 192-bit key variants and a reduced round zero-sum distinguisher for the 256-bit key variant in the known-key settings. Our best known-key distinguisher works with 2 ¹⁶ data/time complexity on the full 128-bit version and with 2 ²³ data/time complexity on the full 192-bit version. For the 256-bit version, we can distinguish 1152 rounds (out of 1280 rounds) in the known-key settings. In addition, we present the best zero-sum distinguishers in the secret-key settings: with complexity 2 ²³ we can distinguish 544 rounds in the forward direction or 576 rounds in the backward direction. For finding the zero-sum distinguisher, we bound the algebraic degree of the TinyJAMBU permutation using the monomial prediction technique proposed by Hu et al. at ASIACRYPT 2020. We model the monomial prediction rule on TinyJAMBU in MILP and find upper bounds on the degree by computing the parity of the number of solutions.

Original language	English
Title of host publication	Progress in Cryptology – INDOCRYPT 2022 - 23rd International Conference on Cryptology in India, 2022, Proceedings
Editors	Takanori Isobe, Santanu Sarkar
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	349-372
Number of pages	24
ISBN (Print)	9783031229114
DOIs	https://doi.org/10.1007/978-3-031-22912-1_16
State	Published - 2022
Event	23rd International Conference on Cryptology, INDOCRYPT 2022 - Kolkata, India Duration: 11 Dec 2022 → 14 Dec 2022

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	13774 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	23rd International Conference on Cryptology, INDOCRYPT 2022
Country/Territory	India
City	Kolkata
Period	11/12/22 → 14/12/22

Bibliographical note

Publisher Copyright:
© 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-031-22912-1_16

Cite this

Dunkelman, O., Ghosh, S., & Lambooij, E. (2022). Full Round Zero-Sum Distinguishers on TinyJAMBU-128 and TinyJAMBU-192 Keyed-Permutation in the Known-Key Setting. In T. Isobe, & S. Sarkar (Eds.), Progress in Cryptology – INDOCRYPT 2022 - 23rd International Conference on Cryptology in India, 2022, Proceedings (pp. 349-372). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13774 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-22912-1_16

Dunkelman, Orr ; Ghosh, Shibam ; Lambooij, Eran. / Full Round Zero-Sum Distinguishers on TinyJAMBU-128 and TinyJAMBU-192 Keyed-Permutation in the Known-Key Setting. Progress in Cryptology – INDOCRYPT 2022 - 23rd International Conference on Cryptology in India, 2022, Proceedings. editor / Takanori Isobe ; Santanu Sarkar. Springer Science and Business Media Deutschland GmbH, 2022. pp. 349-372 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{c007b937efa24b1c90c7b6203496c68e,

title = "Full Round Zero-Sum Distinguishers on TinyJAMBU-128 and TinyJAMBU-192 Keyed-Permutation in the Known-Key Setting",

abstract = "TinyJAMBU is one of the finalists in the NIST lightweight standardization competition. This paper presents full round practical zero-sum distinguishers on the keyed permutation used in TinyJAMBU. We propose a full round zero-sum distinguisher on the 128- and 192-bit key variants and a reduced round zero-sum distinguisher for the 256-bit key variant in the known-key settings. Our best known-key distinguisher works with 2 16 data/time complexity on the full 128-bit version and with 2 23 data/time complexity on the full 192-bit version. For the 256-bit version, we can distinguish 1152 rounds (out of 1280 rounds) in the known-key settings. In addition, we present the best zero-sum distinguishers in the secret-key settings: with complexity 2 23 we can distinguish 544 rounds in the forward direction or 576 rounds in the backward direction. For finding the zero-sum distinguisher, we bound the algebraic degree of the TinyJAMBU permutation using the monomial prediction technique proposed by Hu et al. at ASIACRYPT 2020. We model the monomial prediction rule on TinyJAMBU in MILP and find upper bounds on the degree by computing the parity of the number of solutions.",

author = "Orr Dunkelman and Shibam Ghosh and Eran Lambooij",

note = "Publisher Copyright: {\textcopyright} 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.; 23rd International Conference on Cryptology, INDOCRYPT 2022 ; Conference date: 11-12-2022 Through 14-12-2022",

year = "2022",

doi = "10.1007/978-3-031-22912-1_16",

language = "English",

isbn = "9783031229114",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "349--372",

editor = "Takanori Isobe and Santanu Sarkar",

booktitle = "Progress in Cryptology – INDOCRYPT 2022 - 23rd International Conference on Cryptology in India, 2022, Proceedings",

address = "Germany",

}

Dunkelman, O , Ghosh, S & Lambooij, E 2022, Full Round Zero-Sum Distinguishers on TinyJAMBU-128 and TinyJAMBU-192 Keyed-Permutation in the Known-Key Setting. in T Isobe & S Sarkar (eds), Progress in Cryptology – INDOCRYPT 2022 - 23rd International Conference on Cryptology in India, 2022, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 13774 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 349-372, 23rd International Conference on Cryptology, INDOCRYPT 2022, Kolkata, India, 11/12/22. https://doi.org/10.1007/978-3-031-22912-1_16

Full Round Zero-Sum Distinguishers on TinyJAMBU-128 and TinyJAMBU-192 Keyed-Permutation in the Known-Key Setting. / Dunkelman, Orr ; Ghosh, Shibam; Lambooij, Eran.
Progress in Cryptology – INDOCRYPT 2022 - 23rd International Conference on Cryptology in India, 2022, Proceedings. ed. / Takanori Isobe; Santanu Sarkar. Springer Science and Business Media Deutschland GmbH, 2022. p. 349-372 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13774 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Full Round Zero-Sum Distinguishers on TinyJAMBU-128 and TinyJAMBU-192 Keyed-Permutation in the Known-Key Setting

AU - Dunkelman, Orr

AU - Ghosh, Shibam

AU - Lambooij, Eran

PY - 2022

Y1 - 2022

N2 - TinyJAMBU is one of the finalists in the NIST lightweight standardization competition. This paper presents full round practical zero-sum distinguishers on the keyed permutation used in TinyJAMBU. We propose a full round zero-sum distinguisher on the 128- and 192-bit key variants and a reduced round zero-sum distinguisher for the 256-bit key variant in the known-key settings. Our best known-key distinguisher works with 2 16 data/time complexity on the full 128-bit version and with 2 23 data/time complexity on the full 192-bit version. For the 256-bit version, we can distinguish 1152 rounds (out of 1280 rounds) in the known-key settings. In addition, we present the best zero-sum distinguishers in the secret-key settings: with complexity 2 23 we can distinguish 544 rounds in the forward direction or 576 rounds in the backward direction. For finding the zero-sum distinguisher, we bound the algebraic degree of the TinyJAMBU permutation using the monomial prediction technique proposed by Hu et al. at ASIACRYPT 2020. We model the monomial prediction rule on TinyJAMBU in MILP and find upper bounds on the degree by computing the parity of the number of solutions.

AB - TinyJAMBU is one of the finalists in the NIST lightweight standardization competition. This paper presents full round practical zero-sum distinguishers on the keyed permutation used in TinyJAMBU. We propose a full round zero-sum distinguisher on the 128- and 192-bit key variants and a reduced round zero-sum distinguisher for the 256-bit key variant in the known-key settings. Our best known-key distinguisher works with 2 16 data/time complexity on the full 128-bit version and with 2 23 data/time complexity on the full 192-bit version. For the 256-bit version, we can distinguish 1152 rounds (out of 1280 rounds) in the known-key settings. In addition, we present the best zero-sum distinguishers in the secret-key settings: with complexity 2 23 we can distinguish 544 rounds in the forward direction or 576 rounds in the backward direction. For finding the zero-sum distinguisher, we bound the algebraic degree of the TinyJAMBU permutation using the monomial prediction technique proposed by Hu et al. at ASIACRYPT 2020. We model the monomial prediction rule on TinyJAMBU in MILP and find upper bounds on the degree by computing the parity of the number of solutions.

UR - http://www.scopus.com/inward/record.url?scp=85147841564&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-22912-1_16

DO - 10.1007/978-3-031-22912-1_16

M3 - Conference contribution

AN - SCOPUS:85147841564

SN - 9783031229114

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 349

EP - 372

BT - Progress in Cryptology – INDOCRYPT 2022 - 23rd International Conference on Cryptology in India, 2022, Proceedings

A2 - Isobe, Takanori

A2 - Sarkar, Santanu

PB - Springer Science and Business Media Deutschland GmbH

T2 - 23rd International Conference on Cryptology, INDOCRYPT 2022

Y2 - 11 December 2022 through 14 December 2022

ER -

Dunkelman O , Ghosh S, Lambooij E. Full Round Zero-Sum Distinguishers on TinyJAMBU-128 and TinyJAMBU-192 Keyed-Permutation in the Known-Key Setting. In Isobe T, Sarkar S, editors, Progress in Cryptology – INDOCRYPT 2022 - 23rd International Conference on Cryptology in India, 2022, Proceedings. Springer Science and Business Media Deutschland GmbH. 2022. p. 349-372. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-031-22912-1_16