Security Analysis of SKINNY under Related-Tweakey Settings
DOI:
https://doi.org/10.13154/tosc.v2017.i3.37-72Keywords:
Lightweight Block Cipher, SKINNY, Impossible Differential Attack, Rectangle Attack, Related-TweakeyAbstract
In CRYPTO’16, a new family of tweakable lightweight block ciphers - SKINNY was introduced. Denoting the variants of SKINNY as SKINNY-n-t, where n represents the block size and t represents the tweakey length, the design specifies t ∈ {n, 2n, 3n}. In this work, we evaluate the security of SKINNY against differential cryptanalysis in the related-tweakey model. First, we investigate truncated related-tweakey differential trails of SKINNY and search for the longest impossible and rectangle distinguishers where there is only one active cell in the input and the output. Based on the distinguishers obtained, 19, 23 and 27 rounds of SKINNY-n-n, SKINNY-n-2n and SKINNY-n-3n can be attacked respectively. Next, actual differential trails for SKINNY under related-tweakey model are explored and optimal differential trails of SKINNY-64 within certain number of rounds are searched with an indirect searching method based on Mixed-Integer Linear Programming. The results show a trend that as the number of rounds increases, the probability of optimal differential trails is much lower than the probability derived from the lower bounds of active Sboxes in SKINNY.Published
2017-09-19
How to Cite
Liu, G., Ghosh, M., & Song, L. (2017). Security Analysis of SKINNY under Related-Tweakey Settings. IACR Transactions on Symmetric Cryptology, 2017(3), 37–72. https://doi.org/10.13154/tosc.v2017.i3.37-72
Issue
Section
Articles
License
Copyright (c) 2017 Guozhen Liu, Mohona Ghosh, Ling Song
This work is licensed under a Creative Commons Attribution 4.0 International License.
