Name
Abstract | ||
|---|---|---|
The lightweight block cipher Piccolo adopts Generalized Feistel Network structure with 64 bits of block size. Its key supports 80 bits or 128 bits, expressed by Piccolo-80 or Piccolo-128, respectively. In this paper, we exploit the security of reduced version of Piccolo from the first round with the pre-whitening layer, which shows the vulnerability of original Piccolo. As a matter of fact, we first study some linear relations among the round subkeys and the properties of linear layer. Based on them, we evaluate the security of Piccolo-80/128 against the meet-in-the-middle attack. Finally, we attack 13 rounds of Piccolo-80 by applying a 5-round distinguisher, which requires 2(44) chosen plaintexts, 2(67.39) encryptions and 2(64.91) blocks, respectively. Moreover, we also attack 17 rounds of Piccolo-128 by using a 7-round distinguisher, which requires 2(44) chosen plaintexts, 2(126) encryptions and 2(125.49) blocks, respectively. Compared with the previous cryptanalytic results, our results are the currently best ones if considering Piccolo from the first round with the pre-whitening layer. |
Year | DOI | Venue |
|---|---|---|
2019 | 10.3837/tiis.2019.09.022 | KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS |
Keywords | Field | DocType |
Lightweight Block ciphers,Piccolo,the distinguisher,meet-in-the-middle attacks | Computer architecture,Computer science,Distributed computing | Journal |
Volume | Issue | ISSN |
13 | 9 | 1976-7277 |
Citations | PageRank | References |
0 | 0.34 | 0 |
Authors | ||
7 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Ya Liu | 1 | 82 | 13.16 |
| Liang Cheng | 2 | 0 | 0.68 |
| Fengyu Zhao | 3 | 0 | 1.69 |
| Chunhua Su | 4 | 0 | 0.68 |
| Zhiqiang Liu | 5 | 116 | 24.93 |
| Wei Li | 6 | 93 | 15.69 |
| Dawu Gu | 7 | 644 | 103.50 |