Conference paper Open Access
Christoph Dobraunig; Maria Eichlseder; Daniel Kales; Florian Mendel
<?xml version='1.0' encoding='utf-8'?> <resource xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://datacite.org/schema/kernel-4" xsi:schemaLocation="http://datacite.org/schema/kernel-4 http://schema.datacite.org/meta/kernel-4.1/metadata.xsd"> <identifier identifierType="DOI">10.5281/zenodo.574265</identifier> <creators> <creator> <creatorName>Christoph Dobraunig</creatorName> <affiliation>Graz University of Technology</affiliation> </creator> <creator> <creatorName>Maria Eichlseder</creatorName> <affiliation>Graz University of Technology</affiliation> </creator> <creator> <creatorName>Daniel Kales</creatorName> <affiliation>Graz University of Technology</affiliation> </creator> <creator> <creatorName>Florian Mendel</creatorName> <affiliation>Graz University of Technology</affiliation> </creator> </creators> <titles> <title>Practical Key-Recovery Attack on MANTIS-5</title> </titles> <publisher>Zenodo</publisher> <publicationYear>2017</publicationYear> <subjects> <subject>differential cryptanalysis</subject> <subject>MANTIS</subject> <subject>lightweight</subject> <subject>PRINCE-like ciphers</subject> </subjects> <dates> <date dateType="Issued">2017-03-05</date> </dates> <resourceType resourceTypeGeneral="Text">Conference paper</resourceType> <alternateIdentifiers> <alternateIdentifier alternateIdentifierType="url">https://zenodo.org/record/574265</alternateIdentifier> </alternateIdentifiers> <relatedIdentifiers> <relatedIdentifier relatedIdentifierType="URL" relationType="IsPartOf">https://zenodo.org/communities/hector</relatedIdentifier> </relatedIdentifiers> <rightsList> <rights rightsURI="https://creativecommons.org/licenses/by-nc/4.0/legalcode">Creative Commons Attribution Non Commercial 4.0 International</rights> <rights rightsURI="info:eu-repo/semantics/openAccess">Open Access</rights> </rightsList> <descriptions> <description descriptionType="Abstract"><p>MANTIS is a lightweight tweakable block cipher published at CRYPTO 2016. 
In addition to the full 14-round version, MANTIS<sub>7</sub>, the designers also propose an aggressive 10-round version, MANTIS<sub>5</sub>. The security claim for MANTIS<sub>5</sub> is resistance against “practical attacks”, defined as related-tweak attacks with data complexity 2<sup>d</sup> less than 2<sup>30</sup> chosen plaintexts (or 2<sup>40</sup> known plaintexts), and computational complexity at most 2<sup>126−d</sup>. We present a key-recovery attack against MANTIS<sub>5</sub> with 2<sup>28</sup> chosen plaintexts and a computational complexity of about 2<sup>38</sup> block cipher calls, which violates this claim. Our attack is based on a family of differential characteristics and exploits several properties of the lightweight round function and tweakey schedule. To verify the validity of the attack, we also provide a practical implementation which recovers the full key in about 1 core hour using 2<sup>30</sup> chosen plaintexts.</p></description> </descriptions> <fundingReferences> <fundingReference> <funderName>European Commission</funderName> <funderIdentifier funderIdentifierType="Crossref Funder ID">10.13039/501100000780</funderIdentifier> <awardNumber awardURI="info:eu-repo/grantAgreement/EC/H2020/644052/">644052</awardNumber> <awardTitle>HARDWARE ENABLED CRYPTO AND RANDOMNESS</awardTitle> </fundingReference> </fundingReferences> </resource>