A chosen plaintext linear attack on block cipher CIKS-1

Changhoon Lee, Deukjo Hong, Sungjae Lee, Sangjin Lee, Hyungjin Yang, Jong In Lim

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

21 Citations (Scopus)

Abstract

In this paper, we first evaluate the resistance of the reduced 5-round version of the block cipher CIKS-1 against linear cryptanalysis (LC). A feature of CIKS-1 is the use of both data-dependent permutations (DDP) and internal key scheduling, which consists of data-dependent transformation of the round subkeys. Taking into account the structure of CIKS-1, we investigate linear approximations. That is, we consider 16 linear approximations with p = 3/4 for 16 parallel modulo 2^2 additions to construct a one-round linear approximation, and derive a one-round linear approximation with probability P = 1/2 + 2^-17 by the Piling-Up lemma. We also estimate that P is a valid probability for the one-round approximation and find through experiments that the probability P for the one-round approximation is better than 1/2 + 2^-17. Then we construct a 3-round linear approximation with P = 1/2 + 2^-17 using this one-round approximation and can attack the reduced 5-round CIKS-1 with 64-bit block by LC. In conclusion, we show that our attack requires about 2^36 chosen plaintexts with a probability of success of 78.5% and 1/5 × 2^32 × 2^36 ≈ 2^65.7 encryption times to recover the last round (5-round) key. In addition, we discuss a few improvements of the cipher CIKS-1.

Original language: English
Title of host publication: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Publisher: Springer Verlag
Pages: 456-468
Number of pages: 13
Volume: 2513
ISBN (Print): 3540001646
Publication status: Published - 2002
Event: 4th International Conference on Information and Communications Security, ICICS 2002 - Singapore, Singapore
Duration: 2002 Dec 9 → 2002 Dec 12

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 2513
ISSN (Print): 03029743
ISSN (Electronic): 16113349

Other

Other: 4th International Conference on Information and Communications Security, ICICS 2002
Country: Singapore
City: Singapore
Period: 02/12/9 → 02/12/12

Keywords

  • Block cipher
  • CIKS-1 (cipher with internal key scheduling)
  • Data-dependent permutation
  • Linear cryptanalysis

ASJC Scopus subject areas

  • Computer Science(all)
  • Theoretical Computer Science

Cite this

Lee, C., Hong, D., Lee, S., Lee, S., Yang, H., & Lim, J. I. (2002). A chosen plaintext linear attack on block cipher CIKS-1. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2513, pp. 456-468). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2513). Springer Verlag.
