Abstract
π-Cipher is one of the twenty-nine candidates in the second round of the CAESAR competition for authenticated ciphers. π-Cipher uses a parallel sponge construction, based upon an ARX permutation. This work shows several state recovery attacks, on up to three rounds. These attacks use known values in the function's bitrate, combined with values found through exhaustive search, to retrieve the remaining values in the internal state. These attacks can break one round, for any variant of π-Cipher, in negligible time. They can also break two or three rounds much faster than exhaustive search on the key, for some variants. However, these attacks only work against version 1 of π-Cipher, due to the differences in the padding function for version 2.0. To fill this gap, this work also includes a one round attack against version 2.0, building upon the distinguisher present in the π-Cipher submission document.
Original language | English |
---|---|
Title of host publication | Proceedings of the Australasian Computer Science Week Multiconference, ACSW 2016 |
Place of Publication | New York |
Publisher | Association for Computing Machinery |
Number of pages | 6 |
ISBN (Electronic) | 9781450340427 |
Publication status | Published - 1 Feb 2016 |
Externally published | Yes |
Event | Australasian Computer Science Week Multiconference, ACSW 2016 - Canberra, Australia. Duration: 1 Feb 2016 → 5 Feb 2016 |
Other
Other | Australasian Computer Science Week Multiconference, ACSW 2016 |
---|---|
Country/Territory | Australia |
City | Canberra |
Period | 1/02/16 → 5/02/16 |
Keywords
- ARX
- CAESAR
- Cryptanalysis
- Divide and conquer attack
- Sponge construction
- π-Cipher