Weak Keys of Reduced-Round PRESENT for Linear Cryptanalysis

Authors:
Kenji Ohkuma
Affiliations:
Corporate R & D Center, Toshiba Corporation, and IT Security Center, Information-technology Promotion Agency, Japan
Venue:
Selected Areas in Cryptography
Year:
2009

Citing 0
Cited 13

Multi-trail statistical saturation attacks

ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
On linear hulls, statistical saturation attacks, PRESENT and a cryptanalysis of PUFFIN

EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Multiple differential cryptanalysis: theory and practice

FSE'11 Proceedings of the 18th international conference on Fast software encryption
FPGA implementation of a statistical saturation attack against PRESENT

AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Linear cryptanalysis of reduced-round PRESENT

CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Combined differential and linear cryptanalysis of reduced-round PRINTcipher

SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
KLEIN: a new family of lightweight block ciphers

RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
On the key schedule strength of PRESENT

DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
A model for structure attacks, with applications to PRESENT and serpent

FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Improved (and practical) public-key authentication for UHF RFID tags

CARDIS'12 Proceedings of the 11th international conference on Smart Card Research and Advanced Applications
Multi-differential cryptanalysis on reduced DM-PRESENT-80: collisions and other differential properties

ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Estimating the probabilities of low-weight differential and linear approximations on PRESENT-like ciphers

ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Improbable differential attacks on Present using undisturbed bits

Journal of Computational and Applied Mathematics

Quantified Score

Hi-index	0.00

Visualization

Abstract

The block cipher PRESENT designed as an ultra-light weight cipher has a 31-round SPN structure in which the S-box layer has 16-parallel 4-bit S-boxes and the diffusion layer is a bit permutation. The designers claimed that the maximum linear characteristic deviation is not more than 2驴 43 for 28 rounds and concluded that PRESENT is not vulnerable to linear cryptanalysis. But we have found that 32% of PRESENT keys are weak for linear cryptanalysis, and the linear deviation can be much larger than the linear characteristic value by the multi-path effect. And we discovered a 28-round path with a linear deviation of 2驴 39.3 for the weak keys. Furthermore, we found that linear cryptanalysis can be used to attack up to 24 rounds of PRESENT for the weak keys.