[en] We devise the first closed formula for the number of rounds of a blockcipher with secret components so that these components can be revealed using multiset, algebraic-degree, or division-integral properties, which in this case are equivalent. Using the new result, we attack 7 (out of 9) rounds of Kuznyechik, the recent Russian blockcipher standard, thus halving its security margin. With the same technique we attack 6 (out of 8) rounds of Khazad, the legacy 64-bit blockcipher. Finally, we show how to cryptanalyze and find a decomposition of generic SPN construction for which the inner-components are secret. All the attacks are the best to date.
Disciplines :
Sciences informatiques
Auteur, co-auteur :
BIRYUKOV, Alex ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
KHOVRATOVICH, Dmitry ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC)
PERRIN, Léo Paul ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Co-auteurs externes :
no
Langue du document :
Anglais
Titre :
Multiset-Algebraic Cryptanalysis of Reduced Kuznyechik, Khazad, and secret SPNs
Date de publication/diffusion :
2016
Titre du périodique :
IACR Transactions on Symmetric Cryptology
eISSN :
2519-173X
Maison d'édition :
International Association for Cryptologic Research, Santa Barbara, Etats-Unis - Californie
