Welcome to the resource topic for 2025/1806
Title: Improved Integral Attack on ChiLow-32 Exploiting the Inverse of the ChiChi Function
Authors: Akram Khalesi, Zahra Ahmadian, Hosein Hadipour
Abstract: The protection of executable code in embedded systems requires efficient mechanisms that ensure confidentiality and integrity. Belkheyar et al. recently proposed the Authenticated Code Encryption (ACE) framework, with ChiLow-$(32 + \tau)$ as the first instantiation of ACE2 at EUROCRYPT 2025. The design of ChiLow-$(32 + \tau)$ is based on a 32-bit tweakable block cipher with a quadratic nonlinear layer, known as ChiChi (denoted by $\chi\!\!\chi$), and a nested tweak key schedule optimized for secure code execution under strict query limits.
In this work, we study the resistance of ChiLow to integral cryptanalysis. We identify new integral distinguishers in both the single-tweak and related-tweak models. Using these results and a nested strategy to recover all round tweaks, we present a key-recovery attack on 7 out of 8 rounds of ChiLow. The central contribution of our work is that it resolves the challenge of deriving the master key from the recovered round tweaks, an open problem highlighted by the designers and in a recent cryptanalysis by Peng et al. The attack on 7 rounds requires $2^{6.32}$ chosen ciphertexts, has a time complexity of about $2^{121.75}$ encryptions, and requires negligible memory.
ePrint: https://eprint.iacr.org/2025/1806
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics.