A chosen plaintext linear attack on block cipher CIKS-1

Changhoon Lee; Deukjo Hong; Sungjae Lee; Sangjin Lee; Hyungjin Yang; Jongin Lim

doi:10.1007/3-540-36159-6_39

A chosen plaintext linear attack on block cipher CIKS-1

Changhoon Lee, Deukjo Hong, Sungjae Lee, Sangjin Lee, Hyungjin Yang, Jongin Lim

School of Cybersecurity

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

26 Citations (Scopus)

Abstract

In this paper, we firstly evaluate the resistance of the reduced 5-round version of the block cipher CIKS-1 against linear cryptanalysis(LC). A feature of the CIKS-1 is the use of both Data-Dependent permutations(DDP) and internal key scheduing which consist in data-dapendent transformation of the round subkeys. Taking into account the structure of CIKS-1 we investigate linear approximation. That is, we consider 16 linear approximations with p = 3/4 for 16 parallel modulo 2² additions to construct one-round linear approximation and derive one-round linear approximation with the probability of P = 1/2 + 2^-17 by Piling-Up lemma. Also we estimate that the P is a valid probability of one-round approximation and achieve that the probability P for one round approximation is better than 1/2 +2^-17 through experiments. Then we construct 3-round linear approximation with P = 1/2 +2^-17 using this one-round approximation and can attack the reduced 5-round CIKS-1 with 64-bit block by LC. In conclusion, we present that our attack requires about 2³⁶ chosen plaintexts with a probability of success of 78.5% and 15 ×2³²× 2³⁶ ≈ 2^65.7 encryption times to recover last round(5-round) key. In addition, we discuss a few improvements of the cipher CIKS-1.

Original language	English
Title of host publication	Information and Communications Security - 4th International Conference, ICICS 2002, Proceedings
Editors	Robert Deng, Feng Bao, Jianying Zhou, Sihan Qing
Publisher	Springer Verlag
Pages	456-468
Number of pages	13
ISBN (Print)	3540001646
DOIs	https://doi.org/10.1007/3-540-36159-6_39
Publication status	Published - 2002
Event	4th International Conference on Information and Communications Security, ICICS 2002 - Singapore, Singapore Duration: 2002 Dec 9 → 2002 Dec 12

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	2513
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	4th International Conference on Information and Communications Security, ICICS 2002
Country/Territory	Singapore
City	Singapore
Period	02/12/9 → 02/12/12

Bibliographical note

Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 2002.

Keywords

Block cipher
CIKS-1(cipher with internal key scheduling)
Data-dependent permutation
Linear cryptanalysis

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/3-540-36159-6_39

Cite this

Lee, C., Hong, D., Lee, S., Lee, S., Yang, H., & Lim, J. (2002). A chosen plaintext linear attack on block cipher CIKS-1. In R. Deng, F. Bao, J. Zhou, & S. Qing (Eds.), Information and Communications Security - 4th International Conference, ICICS 2002, Proceedings (pp. 456-468). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2513). Springer Verlag. https://doi.org/10.1007/3-540-36159-6_39

A chosen plaintext linear attack on block cipher CIKS-1. / Lee, Changhoon; Hong, Deukjo; Lee, Sungjae et al.
Information and Communications Security - 4th International Conference, ICICS 2002, Proceedings. ed. / Robert Deng; Feng Bao; Jianying Zhou; Sihan Qing. Springer Verlag, 2002. p. 456-468 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2513).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Lee, C, Hong, D, Lee, S, Lee, S, Yang, H & Lim, J 2002, A chosen plaintext linear attack on block cipher CIKS-1. in R Deng, F Bao, J Zhou & S Qing (eds), Information and Communications Security - 4th International Conference, ICICS 2002, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 2513, Springer Verlag, pp. 456-468, 4th International Conference on Information and Communications Security, ICICS 2002, Singapore, Singapore, 02/12/9. https://doi.org/10.1007/3-540-36159-6_39

Lee C, Hong D, Lee S, Lee S, Yang H, Lim J. A chosen plaintext linear attack on block cipher CIKS-1. In Deng R, Bao F, Zhou J, Qing S, editors, Information and Communications Security - 4th International Conference, ICICS 2002, Proceedings. Springer Verlag. 2002. p. 456-468. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/3-540-36159-6_39

Lee, Changhoon ; Hong, Deukjo ; Lee, Sungjae et al. / A chosen plaintext linear attack on block cipher CIKS-1. Information and Communications Security - 4th International Conference, ICICS 2002, Proceedings. editor / Robert Deng ; Feng Bao ; Jianying Zhou ; Sihan Qing. Springer Verlag, 2002. pp. 456-468 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{1261fe07e3784b9ab58f3ff4963a1c75,

title = "A chosen plaintext linear attack on block cipher CIKS-1",

abstract = "In this paper, we firstly evaluate the resistance of the reduced 5-round version of the block cipher CIKS-1 against linear cryptanalysis(LC). A feature of the CIKS-1 is the use of both Data-Dependent permutations(DDP) and internal key scheduing which consist in data-dapendent transformation of the round subkeys. Taking into account the structure of CIKS-1 we investigate linear approximation. That is, we consider 16 linear approximations with p = 3/4 for 16 parallel modulo 22 additions to construct one-round linear approximation and derive one-round linear approximation with the probability of P = 1/2 + 2-17 by Piling-Up lemma. Also we estimate that the P is a valid probability of one-round approximation and achieve that the probability P for one round approximation is better than 1/2 +2-17 through experiments. Then we construct 3-round linear approximation with P = 1/2 +2-17 using this one-round approximation and can attack the reduced 5-round CIKS-1 with 64-bit block by LC. In conclusion, we present that our attack requires about 236 chosen plaintexts with a probability of success of 78.5% and 15 ×232× 236 ≈ 265.7 encryption times to recover last round(5-round) key. In addition, we discuss a few improvements of the cipher CIKS-1.",

keywords = "Block cipher, CIKS-1(cipher with internal key scheduling), Data-dependent permutation, Linear cryptanalysis",

author = "Changhoon Lee and Deukjo Hong and Sungjae Lee and Sangjin Lee and Hyungjin Yang and Jongin Lim",

note = "Publisher Copyright: {\textcopyright} Springer-Verlag Berlin Heidelberg 2002.; 4th International Conference on Information and Communications Security, ICICS 2002 ; Conference date: 09-12-2002 Through 12-12-2002",

year = "2002",

doi = "10.1007/3-540-36159-6_39",

language = "English",

isbn = "3540001646",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "456--468",

editor = "Robert Deng and Feng Bao and Jianying Zhou and Sihan Qing",

booktitle = "Information and Communications Security - 4th International Conference, ICICS 2002, Proceedings",

}

TY - GEN

T1 - A chosen plaintext linear attack on block cipher CIKS-1

AU - Lee, Changhoon

AU - Hong, Deukjo

AU - Lee, Sungjae

AU - Lee, Sangjin

AU - Yang, Hyungjin

AU - Lim, Jongin

N1 - Publisher Copyright: © Springer-Verlag Berlin Heidelberg 2002.

PY - 2002

Y1 - 2002

N2 - In this paper, we firstly evaluate the resistance of the reduced 5-round version of the block cipher CIKS-1 against linear cryptanalysis(LC). A feature of the CIKS-1 is the use of both Data-Dependent permutations(DDP) and internal key scheduing which consist in data-dapendent transformation of the round subkeys. Taking into account the structure of CIKS-1 we investigate linear approximation. That is, we consider 16 linear approximations with p = 3/4 for 16 parallel modulo 22 additions to construct one-round linear approximation and derive one-round linear approximation with the probability of P = 1/2 + 2-17 by Piling-Up lemma. Also we estimate that the P is a valid probability of one-round approximation and achieve that the probability P for one round approximation is better than 1/2 +2-17 through experiments. Then we construct 3-round linear approximation with P = 1/2 +2-17 using this one-round approximation and can attack the reduced 5-round CIKS-1 with 64-bit block by LC. In conclusion, we present that our attack requires about 236 chosen plaintexts with a probability of success of 78.5% and 15 ×232× 236 ≈ 265.7 encryption times to recover last round(5-round) key. In addition, we discuss a few improvements of the cipher CIKS-1.

AB - In this paper, we firstly evaluate the resistance of the reduced 5-round version of the block cipher CIKS-1 against linear cryptanalysis(LC). A feature of the CIKS-1 is the use of both Data-Dependent permutations(DDP) and internal key scheduing which consist in data-dapendent transformation of the round subkeys. Taking into account the structure of CIKS-1 we investigate linear approximation. That is, we consider 16 linear approximations with p = 3/4 for 16 parallel modulo 22 additions to construct one-round linear approximation and derive one-round linear approximation with the probability of P = 1/2 + 2-17 by Piling-Up lemma. Also we estimate that the P is a valid probability of one-round approximation and achieve that the probability P for one round approximation is better than 1/2 +2-17 through experiments. Then we construct 3-round linear approximation with P = 1/2 +2-17 using this one-round approximation and can attack the reduced 5-round CIKS-1 with 64-bit block by LC. In conclusion, we present that our attack requires about 236 chosen plaintexts with a probability of success of 78.5% and 15 ×232× 236 ≈ 265.7 encryption times to recover last round(5-round) key. In addition, we discuss a few improvements of the cipher CIKS-1.

KW - Block cipher

KW - CIKS-1(cipher with internal key scheduling)

KW - Data-dependent permutation

KW - Linear cryptanalysis

UR - http://www.scopus.com/inward/record.url?scp=84944063721&partnerID=8YFLogxK

U2 - 10.1007/3-540-36159-6_39

DO - 10.1007/3-540-36159-6_39

M3 - Conference contribution

AN - SCOPUS:84944063721

SN - 3540001646

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 456

EP - 468

BT - Information and Communications Security - 4th International Conference, ICICS 2002, Proceedings

A2 - Deng, Robert

A2 - Bao, Feng

A2 - Zhou, Jianying

A2 - Qing, Sihan

PB - Springer Verlag

T2 - 4th International Conference on Information and Communications Security, ICICS 2002

Y2 - 9 December 2002 through 12 December 2002

ER -

A chosen plaintext linear attack on block cipher CIKS-1

Abstract

Publication series

Other

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this