Revisiting boomerang attacks on lightweight ARX and AND-RX ciphers with applications to KATAN, SIMON and CHAM

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Journal of Information Security and Applications Pub Date : 2025-03-01 Epub Date: 2024-12-16 DOI:10.1016/j.jisa.2024.103950

Li Yu , Je Sen Teh

{"title":"Revisiting boomerang attacks on lightweight ARX and AND-RX ciphers with applications to KATAN, SIMON and CHAM","authors":"Li Yu , Je Sen Teh","doi":"10.1016/j.jisa.2024.103950","DOIUrl":null,"url":null,"abstract":"<div><div>In this paper, we investigate the security of lightweight block ciphers, focusing on those that utilize the ADD-Rotate-XOR (ARX) and AND-Rotate-XOR (AND-RX) design paradigms. More specifically, we examine their resilience against boomerang-style attacks. First, we propose an automated search strategy that leverages the boomerang connectivity table (BCT) for AND operations (<math><mrow><mo>∧</mo><mi>B</mi><mi>C</mi><mi>T</mi></mrow></math>) to conduct a complete search for boomerang and rectangle distinguishers for AND-RX ciphers. The proposed search strategy automatically considers all possible <math><mrow><mo>∧</mo><mi>B</mi><mi>C</mi><mi>T</mi></mrow></math> switches in the middle of the boomerang to optimize distinguishing probability. The correctness of the search strategy was verified experimentally. We were able to find the best boomerang and rectangle distinguishers to date in the single-key model for lightweight block ciphers KATAN32/48/64 and SIMON32/48. Next, we investigated BCT properties of ARX ciphers and discovered that a truncated boomerang switch could be formulated for the lightweight ARX cipher, CHAM. We were able to find the best single-key and related-key rectangle distinguishers to date for CHAM. Our findings provide more accurate security margins of these lightweight ciphers against boomerang-style attacks.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103950"},"PeriodicalIF":3.7000,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624002527","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2024/12/16 0:00:00","PubModel":"Epub","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

In this paper, we investigate the security of lightweight block ciphers, focusing on those that utilize the ADD-Rotate-XOR (ARX) and AND-Rotate-XOR (AND-RX) design paradigms. More specifically, we examine their resilience against boomerang-style attacks. First, we propose an automated search strategy that leverages the boomerang connectivity table (BCT) for AND operations (

\land B C T

) to conduct a complete search for boomerang and rectangle distinguishers for AND-RX ciphers. The proposed search strategy automatically considers all possible

\land B C T

switches in the middle of the boomerang to optimize distinguishing probability. The correctness of the search strategy was verified experimentally. We were able to find the best boomerang and rectangle distinguishers to date in the single-key model for lightweight block ciphers KATAN32/48/64 and SIMON32/48. Next, we investigated BCT properties of ARX ciphers and discovered that a truncated boomerang switch could be formulated for the lightweight ARX cipher, CHAM. We were able to find the best single-key and related-key rectangle distinguishers to date for CHAM. Our findings provide more accurate security margins of these lightweight ciphers against boomerang-style attacks.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

用KATAN、SIMON和CHAM的应用程序重访轻量级ARX和and - rx密码的回旋镖攻击

在本文中，我们研究了轻量级分组密码的安全性，重点研究了那些使用添加-旋转-异或（ARX）和与旋转-异或（and - rx）设计范例的分组密码。更具体地说，我们考察了它们抵御回飞镖式攻击的弹性。首先，我们提出了一种自动搜索策略，该策略利用与运算的回飞镖连通性表（BCT）（∧BCT）对AND- rx密码的回飞镖和矩形区分符进行完整搜索。提出的搜索策略自动考虑回飞镖中间所有可能的∧BCT开关，以优化识别概率。实验验证了该搜索策略的正确性。我们能够在轻量级分组密码KATAN32/48/64和SIMON32/48的单键模型中找到迄今为止最好的回旋镖和矩形区分器。接下来，我们研究了ARX密码的BCT特性，并发现可以为轻量级ARX密码CHAM制定截断回飞棒开关。我们能够为CHAM找到迄今为止最好的单键和相关键矩形区分符。我们的研究结果为这些轻量级密码提供了更准确的安全余量，以抵御回旋镖式攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.