We present several new observations on the CAESAR candidate MORUS (v1). First, we report a collision on its StateUpdate(S, M) function. Second, we describe a distinguisher in a nonce-reuse scenario with probability 1. Finally, we observe that the differences in some words of the state after the initialization have probabilities significantly higher than the random case. We note that the presented results do not threaten the security of the scheme. This is the first external analysis of the authenticated cipher MORUS.
Disciplines :
Computer science
Author, co-author :
Mileva, Aleksandra; University “Goce Delchev”, Stip, Republic of Macedonia > Faculty of Computer Science
Dimitrova, Vesna; University “Ss Cyril and Methodius”, Skopje, Republic of Macedonia > Computer Science and Engineering
Velichkov, Vesselin; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
External co-authors :
yes
Language :
English
Title :
Analysis of the Authenticated Cipher MORUS (v1)
Publication date :
2015
Event name :
BalkanCryptSec 2015
Event organizer :
Faculty of Mathematics, Natural Sciences and Information Technologies FAMNIT
Event place :
Koper, Slovenia
Event date :
from 3-9-2015 to 4-9-2015
Audience :
International
Main work title :
Cryptography and Information Security in the Balkans: First International Conference, BalkanCryptSec 2015