Zero-correlation linear attack on the block cipher SKINNY

Zero-correlation linear cryptanalysis is an important method for analyzing the security of block ciphers. But there are few works on zero-correlation linear attacks combined with a related-key setting.

A team from China has proposed a related-tweakey zero-correlation linear attack model and a search algorithm for zero-correlation linear distinguishers of block ciphers with a linear key schedule. Based on the algorithm, they find 14-round and 16-round zero-correlation linear distinguishers of SKINNY-n-2n and SKINNY-n-3n, two versions of a widely used block cipher, respectively. Under their attack model, they use these distinguishers to attack 21-round SKINNY-n-2n and 25-round SKINNY-n-3n. Their study is published in the journal Frontiers of Computer Science.

The key innovation of their research is the proposition to judge whether a linear approximation of a block cipher is zero-correlation. (If a linear approximation is zero-correlation, then it is a distinguisher of the cipher and can be used for attacks). They try to find contradictions in the process of key updating, while previous methods are detecting contradictions of data states in the encryption process. Thus, new zero-correlation linear approximations might be found.

The results of their work show zero-correlation linear attacks can be improved under the related-(twea)key setting, which reminds the cipher designers to be more careful about the key schedule of a block cipher, especially when the key schedule is a linear mapping. Moreover, their attack model could also apply to other block ciphers like SKINNY. And the search algorithm will be a helpful tool to analyze the security of block ciphers against zero-correlation linear attacks.

Future work can focus on extending the application of such an attack model by generalizing the zero-correlation linear cryptanalysis theory. It is an interesting work to find zero-correlation linear distinguishers of block ciphers with a nonlinear key schedule.

More information:
Yi Zhang et al, Zero-correlation linear attack on reduced-round SKINNY, Frontiers of Computer Science (2022). DOI: 10.1007/s11704-022-2206-2

Provided by Frontiers Journals