### Abstract

At CHES 2010, the new block cipher PRINTcipher was presented as a light-weight encryption solution for printable circuits [15]. The best attack to date is a differential attack [1] that breaks less than half of the rounds. In this paper, we will present a new attack called invariant subspace attack that breaks the full cipher for a significant fraction of its keys. This attack can be seen as a weak-key variant of a statistical saturation attack. For such weak keys, a chosen plaintext distinguishing attack can be mounted in unit time. In addition to breaking PRINTcipher, the new attack also gives us new insights into other, more well-established attacks. We derive a truncated differential characteristic with a round-independent but highly key-dependent probability. In addition, we also show that for weak keys, strongly biased linear approximations exists for any number of rounds. In this sense, PRINTcipher behaves very differently to what is usually - often implicitly - assumed.

Original language | English (US) |
---|---|

Title of host publication | Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings |

Pages | 206-221 |

Number of pages | 16 |

DOIs | |

State | Published - Aug 29 2011 |

Event | 31st Annual International Cryptology Conference, CRYPTO 2011 - Santa Barbara, CA, United States Duration: Aug 14 2011 → Aug 18 2011 |

### Publication series

Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|

Volume | 6841 LNCS |

ISSN (Print) | 0302-9743 |

ISSN (Electronic) | 1611-3349 |

### Other

Other | 31st Annual International Cryptology Conference, CRYPTO 2011 |
---|---|

Country | United States |

City | Santa Barbara, CA |

Period | 8/14/11 → 8/18/11 |

### Fingerprint

### Keywords

- block cipher
- invariant subspace attack
- linear cryptanalysis
- statistical saturation attack
- Symmetric cryptography
- truncated differentials

### ASJC Scopus subject areas

- Theoretical Computer Science
- Computer Science(all)

### Cite this

*Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings*(pp. 206-221). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6841 LNCS). https://doi.org/10.1007/978-3-642-22792-9_12

**A cryptanalysis of PRINTcipher : The invariant subspace attack.** / Leander, Gregor; Abdelraheem, Mohamed Ahmed; Alkhzaimi, Hoda; Zenner, Erik.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

*Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings.*Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6841 LNCS, pp. 206-221, 31st Annual International Cryptology Conference, CRYPTO 2011, Santa Barbara, CA, United States, 8/14/11. https://doi.org/10.1007/978-3-642-22792-9_12

}

TY - GEN

T1 - A cryptanalysis of PRINTcipher

T2 - The invariant subspace attack

AU - Leander, Gregor

AU - Abdelraheem, Mohamed Ahmed

AU - Alkhzaimi, Hoda

AU - Zenner, Erik

PY - 2011/8/29

Y1 - 2011/8/29

N2 - At CHES 2010, the new block cipher PRINTcipher was presented as a light-weight encryption solution for printable circuits [15]. The best attack to date is a differential attack [1] that breaks less than half of the rounds. In this paper, we will present a new attack called invariant subspace attack that breaks the full cipher for a significant fraction of its keys. This attack can be seen as a weak-key variant of a statistical saturation attack. For such weak keys, a chosen plaintext distinguishing attack can be mounted in unit time. In addition to breaking PRINTcipher, the new attack also gives us new insights into other, more well-established attacks. We derive a truncated differential characteristic with a round-independent but highly key-dependent probability. In addition, we also show that for weak keys, strongly biased linear approximations exists for any number of rounds. In this sense, PRINTcipher behaves very differently to what is usually - often implicitly - assumed.

AB - At CHES 2010, the new block cipher PRINTcipher was presented as a light-weight encryption solution for printable circuits [15]. The best attack to date is a differential attack [1] that breaks less than half of the rounds. In this paper, we will present a new attack called invariant subspace attack that breaks the full cipher for a significant fraction of its keys. This attack can be seen as a weak-key variant of a statistical saturation attack. For such weak keys, a chosen plaintext distinguishing attack can be mounted in unit time. In addition to breaking PRINTcipher, the new attack also gives us new insights into other, more well-established attacks. We derive a truncated differential characteristic with a round-independent but highly key-dependent probability. In addition, we also show that for weak keys, strongly biased linear approximations exists for any number of rounds. In this sense, PRINTcipher behaves very differently to what is usually - often implicitly - assumed.

KW - block cipher

KW - invariant subspace attack

KW - linear cryptanalysis

KW - statistical saturation attack

KW - Symmetric cryptography

KW - truncated differentials

UR - http://www.scopus.com/inward/record.url?scp=80052002674&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=80052002674&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-22792-9_12

DO - 10.1007/978-3-642-22792-9_12

M3 - Conference contribution

AN - SCOPUS:80052002674

SN - 9783642227912

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 206

EP - 221

BT - Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings

ER -