Abstract
To reduce the cost in hardware, key schedules of lightweight block ciphers are usually simple and some even are direct linear transformations on master keys. Designers always add some asymmetry round-dependent constants to prevent the well-known slide attack. For linear key schedules, the choice of round constants becomes important but lacks principles. In this paper, we aim at evaluating the robustness of the key schedule algorithm and summarizing some design principles for simple key schedules. We define a special kind of weak keys named linear-reflection weak keys and their existence breaks the independence between different keys. For one weak key k, we can find another related weak key \(k'\) such that the decryption under \(k'\) can be linearly represented by the encryption under k. For a block cipher, the number of rounds that exhibits linear-reflection weak keys should be as small as possible. Besides, an automatic searching algorithm is designed to find weak keys for Piccolo ciphers. Results show that 7-round Piccolo-80 and 10-round Piccolo-128 both have many weak keys. Furthermore, we also find some special features for the key schedule of Piccolo-128. One of them is used to extract that the round permutation RP in Piccolo-128 should not be allowed to be self-inverse. Another is applied to show an efficient pseudo-preimage attack on hash function based on full-round Piccolo-128. The results do not threaten the application of Piccolo in secret-key setting but reveal the weakness of Piccolo-128’s key schedule algorithm to some extent. We expect the results of our paper may guide the design of key schedules for block ciphers especially for the design of round constants for simple key schedules.
Keywords
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009)
Shibutani, K., Isobe, T., Hiwatari, H., Mitsuda, A., Akishita, T., Shirai, T.: Piccolo: an ultra-lightweight blockcipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 342–357. Springer, Heidelberg (2011)
Knudsen, L., Leander, G., Poschmann, A., Robshaw, M.J.B.: PRINTcipher: a block cipher for IC-printing. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 16–32. Springer, Heidelberg (2010)
Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.: The LED block cipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 326–341. Springer, Heidelberg (2011)
Gérard, B., Grosso, V., Naya-Plasencia, M., Standaert, F.X.: Block ciphers that are easier to mask: how far can we go? In: Bertoni, G., Coron, J.S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 383–399. Springer, Heidelberg (2013)
Isobe, T., Shibutani, K.: Security analysis of the lightweight block ciphers XTEA, LED and Piccolo. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 71–86. Springer, Heidelberg (2012)
Zhu, B., Gong, G.: Multidimensional meet-in-the-middle attack and its applications to KATAN32/48/64. Cryptogr. Commun. 6(4), 313–333 (2014)
Derbez, P., Fouque, P.-A.: Exhausting Demirci-Selçuk meet-in-the-middle attacks against reduced-round AES. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 541–560. Springer, Heidelberg (2014)
Biham, E.: New types of cryptanalytic attacks using related keys. J. Cryptol. 7(4), 229–246 (1994)
May, L., Henricksen, M., Millan, W.L., Carter, G., Dawson, E.: Strengthening the key schedule of the AES. In: Batten, L.M., Seberry, J. (eds.) ACISP 2002. LNCS, vol. 2384, p. 226. Springer, Heidelberg (2002)
Huang, J., Lai, X.: Revisiting key schedule’s diffusion in relation with round function’s diffusion. Des. Codes Crypt. 73(1), 85–103 (2014)
Huang, J., Vaudenay, S., Lai, X.: On the key schedule of lightweight block ciphers. In: Meler, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 124–142. Springer, Heidelberg (2014)
Biryukov, A., Nikolić, I.: Automatic search for related-key differential characteristics in byte-oriented block ciphers: application to AES, Camellia, Khazad and others. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 322–344. Springer, Heidelberg (2010)
Biryukov, A., Wagner, D.: Slide attacks. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, p. 245. Springer, Heidelberg (1999)
Biryukov, A., Wagner, D.: Advanced slide attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 589. Springer, Heidelberg (2000)
Soleimany, H.: Probabilistic slide cryptanalysis and its applications to LED-64 and Zorro. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 373–389. Springer, Heidelberg (2015)
Leander, G., Abdelraheem, M.A., AlKhzaimi, H., Zenner, E.: A cryptanalysis of PRINTcipher: the invariant subspace attack. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 206–221. Springer, Heidelberg (2011)
Leander, G., Minaud, B., Rønjom, S.: A generic approach to invariant subspace attacks: cryptanalysis of Robin, iSCREAM and Zorro. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 254–283. Springer, Heidelberg (2015)
Preneel, B., Govaerts, R., Vandewalle, J.: Hash functions based on block ciphers: a synthetic approach. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 368–378. Springer, Heidelberg (1994)
Acknowledgments
We would like to thank anonymous referees for their helpful comments and suggestions. The research presented in this paper is supported by the National Basic Research Program of China (No. 2013CB338002) and National Natural Science Foundation of China (No. 61272476, No.61232009 and No. 61202420).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Wang, Y., Wu, W. (2016). New Observations on Piccolo Block Cipher. In: Sako, K. (eds) Topics in Cryptology - CT-RSA 2016. CT-RSA 2016. Lecture Notes in Computer Science(), vol 9610. Springer, Cham. https://doi.org/10.1007/978-3-319-29485-8_22
Download citation
DOI: https://doi.org/10.1007/978-3-319-29485-8_22
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-29484-1
Online ISBN: 978-3-319-29485-8
eBook Packages: Computer ScienceComputer Science (R0)