[Resource Topic] 2016/436: Cryptanalysis of Reduced NORX

Welcome to the resource topic for 2016/436

Title:
Cryptanalysis of Reduced NORX

Authors: Nasour Bagheri, Tao Huang, Keting Jia, Florian Mendel, Yu Sasaki

Abstract:

NORX is a second-round candidate of the ongoing CAESAR competition for authenticated encryption. It is a nonce-based authenticated encryption scheme based on the sponge construction. Its two variants, denoted by NORX32 and NORX64, provide a security level of 128 and 256 bits, respectively. In this paper, we present a state/key recovery attack for both variants with the number of rounds of the core permutation reduced to 2 (out of 4) rounds. The time complexity of the attack for NORX32 and NORX64 is 2^{119} and 2^{234} respectively, while the data complexity is negligible. Furthermore, we show a state recovery attack against NORX in the parallel mode using an internal differential attack for 2 rounds of the permutation. The data, time and memory complexities of the attack for NORX32 are 2^{7.3}, 2^{124.3} and 2^{115} respectively and for NORX64 are 2^{6.2}, 2^{232.8} and 2^{225} respectively. Finally, we present a practical distinguisher for the keystream of NORX64 based on two rounds of the permutation in the parallel mode using an internal differential-linear attack. To the best of our knowledge, our results are the best known results for NORX in a nonce-respecting manner.

ePrint: https://eprint.iacr.org/2016/436

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.