On the key schedule strength of PRESENT

Authors:
Julio Cesar Hernandez-Castro;Pedro Peris-Lopez;Jean-Philippe Aumasson
Affiliations:
School of Computing, Portsmouth University, UK;Information Security & Privacy Lab, TU-Delft, The Netherlands;NagravisionSA, Cheseaux, Switzerland
Venue:
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Year:
2011

Citing 10
Cited 0

Fault Injection and a Timing Channel on an Analysis Technique

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
PRESENT: An Ultra-Lightweight Block Cipher

CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Hash Functions and RFID Tags: Mind the Gap

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
A Statistical Saturation Attack against the Block Cipher PRESENT

CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Lightweight Block Ciphers Revisited: Cryptanalysis of Reduced Round PRESENT and HIGHT

ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Algebraic Techniques in Differential Cryptanalysis

Fast Software Encryption
KATAN and KTANTAN -- A Family of Small and Efficient Hardware-Oriented Block Ciphers

CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Weak Keys of Reduced-Round PRESENT for Linear Cryptanalysis

Selected Areas in Cryptography
Cryptanalysis of an identification scheme based on the permuted perceptron problem

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Differential cryptanalysis of reduced-round PRESENT

AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present here the results of a playful research on how to measure the strength of a key schedule algorithm, with applications to PRESENT, including its two variants with 80 and 128 bit keys. We do not claim to have discovered any devastating weakness, but believe that some of the results presented, albeit controversial, could be of interest for other researchers investigating this cipher, notably for those working in impossible differentials and related key or slide attacks. Furthermore, in the case of PRESENT, key schedule features shown here may be exploited to attack some of the PRESENT-based hash functions. We carried out a probabilistic metaheuristic search for semi-equivalent keys, annihilators and entropy minima, and proposed a simple way of combining these results into a single value with a straightforward mathematical expression that could help in abstracting resistance to the set of presented analysis. Surprisingly, PRESENT−128 seems weaker than PRESENT−80 in the light of this new measure.