A cryptanalysis of PRINTcipher: The invariant subspace attack

Gregor Leander, Mohamed Ahmed Abdelraheem, Hoda Alkhzaimi, Erik Zenner

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

At CHES 2010, the new block cipher PRINTcipher was presented as a light-weight encryption solution for printable circuits [15]. The best attack to date is a differential attack [1] that breaks less than half of the rounds. In this paper, we will present a new attack called invariant subspace attack that breaks the full cipher for a significant fraction of its keys. This attack can be seen as a weak-key variant of a statistical saturation attack. For such weak keys, a chosen plaintext distinguishing attack can be mounted in unit time. In addition to breaking PRINTcipher, the new attack also gives us new insights into other, more well-established attacks. We derive a truncated differential characteristic with a round-independent but highly key-dependent probability. In addition, we also show that for weak keys, strongly biased linear approximations exists for any number of rounds. In this sense, PRINTcipher behaves very differently to what is usually - often implicitly - assumed.

Original languageEnglish (US)
Title of host publicationAdvances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings
Pages206-221
Number of pages16
DOIs
StatePublished - Aug 29 2011
Event31st Annual International Cryptology Conference, CRYPTO 2011 - Santa Barbara, CA, United States
Duration: Aug 14 2011Aug 18 2011

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume6841 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other31st Annual International Cryptology Conference, CRYPTO 2011
CountryUnited States
CitySanta Barbara, CA
Period8/14/118/18/11

Fingerprint

Cryptanalysis
Invariant Subspace
Cryptography
Attack
Networks (circuits)
Distinguishing Attack
Block Cipher
Linear Approximation
Encryption
Biased
Saturation
Unit
Dependent

Keywords

  • block cipher
  • invariant subspace attack
  • linear cryptanalysis
  • statistical saturation attack
  • Symmetric cryptography
  • truncated differentials

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Leander, G., Abdelraheem, M. A., Alkhzaimi, H., & Zenner, E. (2011). A cryptanalysis of PRINTcipher: The invariant subspace attack. In Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings (pp. 206-221). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6841 LNCS). https://doi.org/10.1007/978-3-642-22792-9_12

A cryptanalysis of PRINTcipher : The invariant subspace attack. / Leander, Gregor; Abdelraheem, Mohamed Ahmed; Alkhzaimi, Hoda; Zenner, Erik.

Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings. 2011. p. 206-221 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6841 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Leander, G, Abdelraheem, MA, Alkhzaimi, H & Zenner, E 2011, A cryptanalysis of PRINTcipher: The invariant subspace attack. in Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6841 LNCS, pp. 206-221, 31st Annual International Cryptology Conference, CRYPTO 2011, Santa Barbara, CA, United States, 8/14/11. https://doi.org/10.1007/978-3-642-22792-9_12
Leander G, Abdelraheem MA, Alkhzaimi H, Zenner E. A cryptanalysis of PRINTcipher: The invariant subspace attack. In Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings. 2011. p. 206-221. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-642-22792-9_12
Leander, Gregor ; Abdelraheem, Mohamed Ahmed ; Alkhzaimi, Hoda ; Zenner, Erik. / A cryptanalysis of PRINTcipher : The invariant subspace attack. Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings. 2011. pp. 206-221 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{eaf727a597cf4079ad42c24835be647d,
title = "A cryptanalysis of PRINTcipher: The invariant subspace attack",
abstract = "At CHES 2010, the new block cipher PRINTcipher was presented as a light-weight encryption solution for printable circuits [15]. The best attack to date is a differential attack [1] that breaks less than half of the rounds. In this paper, we will present a new attack called invariant subspace attack that breaks the full cipher for a significant fraction of its keys. This attack can be seen as a weak-key variant of a statistical saturation attack. For such weak keys, a chosen plaintext distinguishing attack can be mounted in unit time. In addition to breaking PRINTcipher, the new attack also gives us new insights into other, more well-established attacks. We derive a truncated differential characteristic with a round-independent but highly key-dependent probability. In addition, we also show that for weak keys, strongly biased linear approximations exists for any number of rounds. In this sense, PRINTcipher behaves very differently to what is usually - often implicitly - assumed.",
keywords = "block cipher, invariant subspace attack, linear cryptanalysis, statistical saturation attack, Symmetric cryptography, truncated differentials",
author = "Gregor Leander and Abdelraheem, {Mohamed Ahmed} and Hoda Alkhzaimi and Erik Zenner",
year = "2011",
month = "8",
day = "29",
doi = "10.1007/978-3-642-22792-9_12",
language = "English (US)",
isbn = "9783642227912",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "206--221",
booktitle = "Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings",

}

TY - GEN

T1 - A cryptanalysis of PRINTcipher

T2 - The invariant subspace attack

AU - Leander, Gregor

AU - Abdelraheem, Mohamed Ahmed

AU - Alkhzaimi, Hoda

AU - Zenner, Erik

PY - 2011/8/29

Y1 - 2011/8/29

N2 - At CHES 2010, the new block cipher PRINTcipher was presented as a light-weight encryption solution for printable circuits [15]. The best attack to date is a differential attack [1] that breaks less than half of the rounds. In this paper, we will present a new attack called invariant subspace attack that breaks the full cipher for a significant fraction of its keys. This attack can be seen as a weak-key variant of a statistical saturation attack. For such weak keys, a chosen plaintext distinguishing attack can be mounted in unit time. In addition to breaking PRINTcipher, the new attack also gives us new insights into other, more well-established attacks. We derive a truncated differential characteristic with a round-independent but highly key-dependent probability. In addition, we also show that for weak keys, strongly biased linear approximations exists for any number of rounds. In this sense, PRINTcipher behaves very differently to what is usually - often implicitly - assumed.

AB - At CHES 2010, the new block cipher PRINTcipher was presented as a light-weight encryption solution for printable circuits [15]. The best attack to date is a differential attack [1] that breaks less than half of the rounds. In this paper, we will present a new attack called invariant subspace attack that breaks the full cipher for a significant fraction of its keys. This attack can be seen as a weak-key variant of a statistical saturation attack. For such weak keys, a chosen plaintext distinguishing attack can be mounted in unit time. In addition to breaking PRINTcipher, the new attack also gives us new insights into other, more well-established attacks. We derive a truncated differential characteristic with a round-independent but highly key-dependent probability. In addition, we also show that for weak keys, strongly biased linear approximations exists for any number of rounds. In this sense, PRINTcipher behaves very differently to what is usually - often implicitly - assumed.

KW - block cipher

KW - invariant subspace attack

KW - linear cryptanalysis

KW - statistical saturation attack

KW - Symmetric cryptography

KW - truncated differentials

UR - http://www.scopus.com/inward/record.url?scp=80052002674&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=80052002674&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-22792-9_12

DO - 10.1007/978-3-642-22792-9_12

M3 - Conference contribution

AN - SCOPUS:80052002674

SN - 9783642227912

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 206

EP - 221

BT - Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Proceedings

ER -