[Resource Topic] 2016/732: Nonlinear Invariant Attack --Practical Attack on Full SCREAM, iSCREAM, and Midori64

Welcome to the resource topic for 2016/732

Title:
Nonlinear Invariant Attack --Practical Attack on Full SCREAM, iSCREAM, and Midori64

Authors: Yosuke Todo, Gregor Leander, Yu Sasaki

Abstract:

In this paper we introduce a new type of attack, called nonlinear invariant attack. As application examples, we present new attacks that are able to distinguish the full versions of the (tweakable) block ciphers Scream, iScream and Midori64 in a weak-key setting. Those attacks require only a handful of plaintext-ciphertext pairs and have minimal computational costs. Moreover, the nonlinear invariant attack on the underlying (tweakable) block cipher can be extended to a ciphertext-only attack in well-known modes of operation such as CBC or CTR. The plaintext of the authenticated encryption schemes SCREAM and iSCREAM can be practically recovered only from the ciphertexts in the nonce-respecting setting. This is the first result breaking a security claim of SCREAM. Moreover, the plaintext in Midori64 with well-known modes of operation can practically be recovered. All of our attacks are experimentally verified.

ePrint: https://eprint.iacr.org/2016/732

Talk: https://www.youtube.com/watch?v=2CxVKJ47H8w

Slides: https://iacr.org/cryptodb/archive/2016/ASIACRYPT/presentation/27861.pptx


Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.