New Key-Independent Structural Properties of AES-Like Permutations

Abstract

The Internet of Things (IoT) technology makes our lives very simple and convenient by interacting with sensors/devices around the world and using the smart data collected from them. However, IoT devices typically have a resource-constrained architecture, rendering them vulnerable to cyberattacks. The advent of lightweight cryptography provides an opportunity to meet the challenges of IoT. With the promotion of 5G (5th generation wireless systems) technology, the amount of data in IoT devices is bound to grow rapidly. The design and analysis of lightweight block cipher is still a hot issue that needs to be solved in the coming period of time, as it responds to the strong push of many national governments to adopt IoT systems in the management of public affairs. MANTIS is a new tweakable block cipher suitable for IoT with the goal of low-latency implementations and it has drawn lots of attention in the form of prior cryptanalysis. This work first reveals a novel property of MANTIS. The characteristic is established under the condition that there is a certain equivalence relation between the input pairs in a particular subspace and it is evidenced by the first introduction of a key-independent distinguisher for 6-round MANTIS. We obtain that the number of input plaintext pairs in the same equivalence class is always divisible by 8. Then, we demonstrate a general and comprehensive proof as why it has to exist. Additionally, we have successfully verified the validity of the distinguisher. Only 216 chosen plaintexts and 222 table lookups computational cost are required to guarantee that the success probability exceeds 99%. Moreover, we discover that the same kind of property holds for other AES-like permutations with the example of the lightweight hash function PHOTON. Finally, we put forward some future explorations in this promising field.