Cryptanalysis of Reduced sLiSCP Permutation in Sponge-Hash and Duplex-AE Modes
This paper studies the security of sLiSCP, a family of lightweight permutations proposed by AlTawy et al. at SAC 2017. sLiSCP also specifies an authenticated encryption (AE) mode and a hashing mode based on the sponge framework; however, the designers’ analysis focuses on the indistinguishability of the permutation, and there is no analysis of those modes. This paper presents the first analysis of reduced-step sLiSCP in the AE and hashing modes, fully respecting the parameters and usage recommended by the designers. Forgery and collision attacks are presented against 6 (out of 18) steps of the AE and hashing modes. Moreover, rebound distinguishers are presented against 15 steps of the permutation. We believe that these results, especially those on the AE and hashing modes, provide a better understanding of sLiSCP and bring more confidence in the lightweight version sLiSCP-light.
Keywords: sLiSCP, Simeck, Permutation, Sponge, Collision, Forgery
We thank the anonymous reviewers for their valuable comments. This work was initiated during the 7th Asian Workshop on Symmetric Key Cryptography; we would like to thank the organisers of ASK 2017. Yunwen Liu is supported by the Research Fund KU Leuven C16/18/004, grant agreement No. H2020-MSCA-ITN-2014-643161 ECRYPT-NET, China Scholarship Council (CSC 201403170380) and National Natural Science Foundation (No. 61672530). Ling Song is supported by the Youth Innovation Promotion Association CAS and the National Natural Science Foundation of China (Grants No. 61802399, 61472415, 61732021 and 61772519). Gaoli Wang is supported by the National Natural Science Foundation of China (No. 61572125) and National Cryptography Development Fund (No. MMJJ20180201).
- 1. AlTawy, R., Rohit, R., He, M., Mandal, K., Yang, G., Gong, G.: sLiSCP: simeck-based permutations for lightweight sponge cryptographic primitives. In: Adams, C., Camenisch, J. (eds.) SAC 2017. LNCS, vol. 10719, pp. 129–150. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-72565-9_7
- 2. AlTawy, R., Rohit, R., He, M., Mandal, K., Yang, G., Gong, G.: sLiSCP-light: towards lighter sponge-specific cryptographic permutations (2018). https://cacr.uwaterloo.ca/techreports/2018/cacr2018-01.pdf
- 6. Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. IACR Cryptology ePrint Archive 2013, 404 (2013). http://eprint.iacr.org/2013/404
- 8. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Duplexing the sponge: single-pass authenticated encryption and other applications. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 320–337. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28496-0_19
- 9. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Cryptographic sponge functions. Submission to NIST (Round 3) (2011). http://sponge.noekeon.org/CSF-0.1.pdf
- 10. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G., Van Keer, R.: CAESAR submission: Ketje v2. Candidate of CAESAR Competition, September 2016
- 15. Dobraunig, C., Eichlseder, M., Mendel, F., Schläffer, M.: Ascon v1.2. Submission to the CAESAR competition. Submission to NIST (Round 3) (2016). http://competitions.cr.yp.to/round3/asconv12.pdf
- 24. Liu, Y., De Witte, G., Ranea, A., Ashur, T.: Rotational-XOR cryptanalysis of reduced-round SPECK. IACR Trans. Symmetric Cryptol. 2017(3), 24–36 (2017)
- 26. NIST: Lightweight Cryptography, April 2018. https://csrc.nist.gov/projects/lightweight-cryptography