Abstract
PRIDE is a lightweight block cipher proposed at CRYPTO 2014 by Albrecht et al., who claimed that the construction of linear layers is efficient and secure. In this paper, we investigate the key schedule and find eight 2-round iterative related-key differential characteristics, which can be used to construct 18-round related-key differentials. A study of the first subkey derivation function reveals that there exist three weak-key classes, as a result of which all the differences of subkeys for each round are identical. For the weak-key classes, we also find eight 2-round iterative related-key differential characteristics. Based on one of the related-key differentials, we launch an attack on the full PRIDE block cipher. The data and time complexity are $2^{39}$ chosen plaintexts and $2^{92}$ encryptions, respectively. Moreover, by using multiple related-key differentials, we improve the cryptanalysis, which then requires $2^{41.6}$ chosen plaintexts and $2^{42.7}$ encryptions, respectively. Finally, we use two 17-round related-key differentials to analyze full PRIDE, which requires $2^{35}$ plaintexts and $2^{54.7}$ encryptions. These are the first results on full PRIDE, and show that the PRIDE block cipher is not secure against related-key differential attack.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
