Is there a way to attack current encryption standards to quantify their security? This question is the focus of cryptanalysis, on whose principles the paper by Christof Beierle (HGI), Prof. Gregor Leander (HGI/CASA) and Yosuke Todo (NTT Secure Platform Laboratories) is based. The work has now been awarded Best Paper at the highly regarded "International Cryptology Conference 2020 (IACR CRYPTO)" It is the result of an international collaboration: The Japanese scientist Yosuke Todo is currently researching for one year as a guest at the Chair of Cryptography at the Ruhr University Bochum following an invitation by Prof. Gregor Leander.
The scientists have developed an improved method for differential-linear attacks. This enabled them to derive the most successful proven attack to date on a specific class of encryption algorithms, the ARX ciphers (ChaCha and Chaskey).
Cryptographic methods secure the transmission of information in our digital everyday life: With the help of encryption methods, data is encrypted and thus secured. Symmetric encryption forms the basis of many applications, from Internet banking to Messenger chat. A single secret key is used for encryption, which must be known to both the sender and the recipient. One class of these symmetric primitives is based on the so-called ARX design, which relies on fast and easy-to-implement algorithms. ARX stands for modular addition, rotation, XOR and is particularly efficient in software. With a new framework, the research team has advanced an existing attack method, with which they were able to attack two of the ARX ciphers, ChaCha and Chaskey, with greater success than with previously known attacks. "ChaCha" was developed by CASA-PI Daniel Bernstein.
The cipher design is round-iterated. So the operations are executed in combination in several successive rounds to encrypt the plaintext. The scientists succeeded in attacking more rounds than other known attacks have reached before. So, the researchers have improved the attack, but the cipher is still only partially attackable. "In this respect, the paper strengthens confidence in the ciphers", explains Christof Beierle.
Improved Differential-Linear Attacks with Applications to ARX Ciphers. Christof Beierle (Ruhr University Bochum), Gregor Leander (Ruhr University Bochum), Yosuke Todo (NTT Secure Platform Laboratories)