PRESENT is proposed by A.Bogdanov et al. in CHES 2007 for extremely constrained environments such as RFID tags and sensor networks. In this paper, we find out the differential characteristics for r-round(5 ≤ r ≤ 15), then give the differential cryptanalysis on reduced-round variants of PRESENT. We attack 16-round PRESENT using 2 chosen plaintexts, 2 6-bit counters, and 2 memory accesses.

We propose the first adaptation of Matsui’s algorithm for finding the best differential and linear trails to the class of ARX ciphers. It is based on a branch-and-bound search strategy, does not use any heuristics and returns optimal results. The practical application of the new algorithm is demonstrated on reduced round variants of block ciphers from the Speck family. More specifically, we rep...

Exponentiation in finite fields of characteristic 2 is proposed to construct large bijective S-boxes of block ciphers. We obtain some properties of the exponential Sboxes that are related to differential, higher order differential, and linear cryptanalysis methods.

SipHash is an ARX based message authentication code developed by Aumasson and Bernstein. SipHash was designed to be fast on short messages. Already, a lot of implementations and applications for SipHash exist, whereas the cryptanalysis of SipHash lacks behind. In this paper, we provide the first published third-party cryptanalysis of SipHash regarding differential cryptanalysis. We use existing...

GOST 28147-89 is a well-known block cipher and the official encryption standard of the Russian Federation. A 256-bit block cipher considered as an alternative for AES-256 and triple DES, having an amazingly low implementation cost and thus increasingly popular and used [22, 23, 30, 24, 41]. Until 2010 researchers unanimously agreed that: “despite considerable cryptanalytic efforts spent in the ...

This paper observes the cryptanalysis of the Telecommunications Industry Association’s Cellular Message Encryption Algorithm (CMEA). The CMEA has been widely used for wireless security and the breaking of the scheme proves the requirement of alternatives. In the current paper, the properties of CMEA which have lead to the successful cryptanalysis, have been identified. Accordingly the algorithm...

Camellia and MISTY1 are Feistel block ciphers. In this paper, we observe that, when conducting impossible differential cryptanalysis on Camellia and MISTY1, their round structures allow us to partially determine whether a candidate pair is right by guessing only a small fraction of the unknown required subkey bits of a relevant round at a time, instead of all of them. This reduces the computati...

Vectorial Boolean bent functions, which possess the maximal nonlinearity and the minimum differential uniformity, contribute to optimum resistance against linear cryptanalysis and differential cryptanalysis. H vectorial functions is an infinite class of vectorial Boolean bent functions presented by S. Mesnager. This paper is devoted to further characterization of the H vectorial functions. It i...

The Data Encryption Standard (DES) was developed by an IBM team around 1974 and adopted as a national standard in 1977. Since that time, many cryptanalysts have attempted to find shortcuts for breaking the system. In this paper, we examine one such attempt, the method of differential cryptanalysis, published by Blham and Shamir. We show some of the safeguards against differential cryptanalysis ...

In this contribution instances of a problem introduced by the differential cryptanalysis of Feistel cryptosystems are formulated as optimization tasks. The performance of Evolutionary Computation methods on these tasks is studied for a representative Feistel cryptosystem, the Data Encryption Standard. The results indicate that the proposed methodology is efficient in handling this type of probl...