New differential cryptanalysis results for the lightweight block cipher BORON

Je Sen Teh; Li Jing Tham; Norziana Jamil; Wun She Yap

doi:10.1016/j.jisa.2022.103129

New differential cryptanalysis results for the lightweight block cipher BORON

Je Sen Teh, Li Jing Tham, Norziana Jamil, Wun She Yap

Research output: Contribution to journal › Article › peer-review

13 Citations (Scopus)

Abstract

BORON is a 64-bit lightweight block cipher based on the substitution–permutation network that supports an 80-bit (BORON-80) and 128-bit (BORON-128) secret key. In this paper, we revisit the use of differential cryptanalysis on BORON in the single-key model. Using an SAT/SMT approach, we look for differentials that consist of multiple differential characteristics with the same input and output differences. Each characteristic that conforms to a given differential improves its overall probability. We also implemented the same search using Matsui's algorithm for verification and performance comparison purposes. We identified high-probability differentials which were then used in key recovery attacks against BORON-80/128. We used 8-round differentials with a probability of 2^−58.16 and 2^−62.42 in key recovery attacks against 9 and 10 rounds of BORON-80 and BORON-128 with time/data/memory complexities of 2^59.18/2^59.16/2²⁴ and 2^111.34/2^63.42/2⁷¹ respectively. Our key recovery framework provides a more accurate estimate of the attack complexity as compared to previous work. The attacks proposed in this paper are the best differential attacks against BORON-80/128 in the single-key model to date.

Original language	English
Article number	103129
Journal	Journal of Information Security and Applications
Volume	66
DOIs	https://doi.org/10.1016/j.jisa.2022.103129
Publication status	Published - May 2022
Externally published	Yes

Keywords

BORON
Branch-and-bound
Cryptanalysis
Differential cryptanalysis
SAT solver
SMT solver

ASJC Scopus subject areas

Software
Safety, Risk, Reliability and Quality
Computer Networks and Communications

Access to Document

10.1016/j.jisa.2022.103129

Cite this

@article{d7f059934f024a68bbdfdfb63894368e,

title = "New differential cryptanalysis results for the lightweight block cipher BORON",

abstract = "BORON is a 64-bit lightweight block cipher based on the substitution–permutation network that supports an 80-bit (BORON-80) and 128-bit (BORON-128) secret key. In this paper, we revisit the use of differential cryptanalysis on BORON in the single-key model. Using an SAT/SMT approach, we look for differentials that consist of multiple differential characteristics with the same input and output differences. Each characteristic that conforms to a given differential improves its overall probability. We also implemented the same search using Matsui's algorithm for verification and performance comparison purposes. We identified high-probability differentials which were then used in key recovery attacks against BORON-80/128. We used 8-round differentials with a probability of 2−58.16 and 2−62.42 in key recovery attacks against 9 and 10 rounds of BORON-80 and BORON-128 with time/data/memory complexities of 259.18/259.16/224 and 2111.34/263.42/271 respectively. Our key recovery framework provides a more accurate estimate of the attack complexity as compared to previous work. The attacks proposed in this paper are the best differential attacks against BORON-80/128 in the single-key model to date.",

keywords = "BORON, Branch-and-bound, Cryptanalysis, Differential cryptanalysis, SAT solver, SMT solver",

author = "Teh, \{Je Sen\} and Tham, \{Li Jing\} and Norziana Jamil and Yap, \{Wun She\}",

note = "Publisher Copyright: {\textcopyright} 2022 Elsevier Ltd",

year = "2022",

month = may,

doi = "10.1016/j.jisa.2022.103129",

language = "English",

volume = "66",

journal = "Journal of Information Security and Applications",

issn = "2214-2134",

publisher = "Elsevier Ltd",

}

TY - JOUR

T1 - New differential cryptanalysis results for the lightweight block cipher BORON

AU - Teh, Je Sen

AU - Tham, Li Jing

AU - Jamil, Norziana

AU - Yap, Wun She

PY - 2022/5

Y1 - 2022/5

N2 - BORON is a 64-bit lightweight block cipher based on the substitution–permutation network that supports an 80-bit (BORON-80) and 128-bit (BORON-128) secret key. In this paper, we revisit the use of differential cryptanalysis on BORON in the single-key model. Using an SAT/SMT approach, we look for differentials that consist of multiple differential characteristics with the same input and output differences. Each characteristic that conforms to a given differential improves its overall probability. We also implemented the same search using Matsui's algorithm for verification and performance comparison purposes. We identified high-probability differentials which were then used in key recovery attacks against BORON-80/128. We used 8-round differentials with a probability of 2−58.16 and 2−62.42 in key recovery attacks against 9 and 10 rounds of BORON-80 and BORON-128 with time/data/memory complexities of 259.18/259.16/224 and 2111.34/263.42/271 respectively. Our key recovery framework provides a more accurate estimate of the attack complexity as compared to previous work. The attacks proposed in this paper are the best differential attacks against BORON-80/128 in the single-key model to date.

AB - BORON is a 64-bit lightweight block cipher based on the substitution–permutation network that supports an 80-bit (BORON-80) and 128-bit (BORON-128) secret key. In this paper, we revisit the use of differential cryptanalysis on BORON in the single-key model. Using an SAT/SMT approach, we look for differentials that consist of multiple differential characteristics with the same input and output differences. Each characteristic that conforms to a given differential improves its overall probability. We also implemented the same search using Matsui's algorithm for verification and performance comparison purposes. We identified high-probability differentials which were then used in key recovery attacks against BORON-80/128. We used 8-round differentials with a probability of 2−58.16 and 2−62.42 in key recovery attacks against 9 and 10 rounds of BORON-80 and BORON-128 with time/data/memory complexities of 259.18/259.16/224 and 2111.34/263.42/271 respectively. Our key recovery framework provides a more accurate estimate of the attack complexity as compared to previous work. The attacks proposed in this paper are the best differential attacks against BORON-80/128 in the single-key model to date.

KW - BORON

KW - Branch-and-bound

KW - Cryptanalysis

KW - Differential cryptanalysis

KW - SAT solver

KW - SMT solver

UR - http://www.scopus.com/inward/record.url?scp=85125237892&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85125237892&partnerID=8YFLogxK

U2 - 10.1016/j.jisa.2022.103129

DO - 10.1016/j.jisa.2022.103129

M3 - Article

AN - SCOPUS:85125237892

SN - 2214-2134

VL - 66

JO - Journal of Information Security and Applications

JF - Journal of Information Security and Applications

M1 - 103129

ER -

New differential cryptanalysis results for the lightweight block cipher BORON

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this