Abstract

CRAFT is a lightweight block cipher, designed to provide efficient protection against differential fault attacks. It is a tweakable cipher that includes 32 rounds to produce a ciphertext from a 64-bit plaintext using a 128-bit key and 64-bit public tweak. In this paper, compared to the designers’ analysis, we provide a more detailed analysis of CRAFT against differential and zero-correlation cryptanalysis, aiming to provide better distinguishers for the reduced rounds of the cipher. Our distinguishers for reduced-round CRAFT cover a higher number of rounds compared to the designers’ analysis. In our analysis, we observed that, for any number of rounds, the differential effect of CRAFT has a much higher probability than any single differential trail. As an example, while the best trail for 11 rounds of the cipher has a probability of at least $2^{-80}$, we present a differential with probability $2^{-49.79}$, containing $2^{29.66}$ optimal trails, all with the same optimum probability of $2^{-80}$. Next, we use a partitioning technique, based on optimal expandable truncated trails, to provide a better estimation of the differential effect on CRAFT. Thanks to this technique, we are able to find differential distinguishers for 9, 10, 11, 12, 13, and 14 rounds of the cipher in the single-tweak model with probabilities of at least $2^{-40.20}$, $2^{-45.12}$, $2^{-49.79}$, $2^{-54.49}$, $2^{-59.13}$, and $2^{-63.80}$, respectively. These probabilities should be compared with the best distinguishers provided by the designers in the same model for 9 and 10 rounds of the cipher, with probabilities of at least $2^{-54.67}$ and $2^{-62.61}$, respectively. In addition, we consider the security of CRAFT against the new concept of related-tweak zero-correlation (ZC) linear cryptanalysis and present a new distinguisher which covers 14 rounds of the cipher, while the best previous ZC distinguisher covered 13 rounds.
Thanks to the related-tweak ZC distinguisher for 14 rounds of the cipher, we also present 14-round integral distinguishers in the related-tweak mode of the cipher. Although the provided analysis does not compromise the cipher, we think it provides better insight into the design of CRAFT.

Highlights

  • Lightweight cryptography received extensive attention over the last decade, motivated by the emergent growth of resource-constrained devices such as RFID tags and IoT edge devices

  • We provided a detailed analysis of CRAFT against differential and related tweak zero-correlation and integral cryptanalysis

  • Our related tweak zero-correlation and integral cryptanalysis, which cover 14 rounds, are the first analysis of CRAFT against this attack, given that the designers analyzed its security against single tweak zero-correlation and integral cryptanalysis


Summary

Introduction

Lightweight cryptography received extensive attention over the last decade, motivated by the emergent growth of resource-constrained devices such as RFID tags and IoT edge devices. Designers have selected cipher components so that they provide efficient protection against a specific attack, e.g., LS-Designs [GLSV14], FRIT [SBD+18], ZORRO [GGNS13] and Fides [BBK+13]. In this direction, to provide efficient protection against differential fault analysis, Beierle et al. proposed CRAFT [BLMR19], which is a tweakable lightweight block cipher. (A tweakable block cipher maps an n-bit plaintext to an n-bit ciphertext using a k-bit secret key and a t-bit tweak.) They supported their design by extensive analysis against known attacks, e.g., differential cryptanalysis, impossible differential cryptanalysis, linear cryptanalysis, zero-correlation cryptanalysis, and so on.

A brief description of CRAFT
Related tweak zero-correlation and integral cryptanalysis
Linking zero-correlation linear hull to integral
Differential effect cryptanalysis
Differential effect
Discussion
Conclusion
A Supplementary information for optimized CryptoSMT
C Possible differential trails