5 results sorted by ID
Possible spell-corrected query: torus
Differential Random Fault Attacks on certain CAESAR Stream Ciphers (Supplementary Material)
Kenneth Koon-Ho Wong, Harry Bartlett, Leonie Simpson, Ed Dawson
Secret-key cryptography
This document contains supplementary material to the paper with the same title available from the proceedings of the International Conference on Information Security and Cryptology (ICISC) 2019. In this supplementary material, we demonstrate that the random fault attack strategy described in the full paper can be applied to ciphers in the MORUS family, resulting in partial state recovery for these ciphers.
Correlation of Quadratic Boolean Functions: Cryptanalysis of All Versions of Full MORUS
Danping Shi, Siwei Sun, Yu Sasaki, Chaoyun Li, Lei Hu
Secret-key cryptography
We show that the correlation of any quadratic Boolean function can be read out from its so-called disjoint quadratic form. We further propose a polynomial-time algorithm that can transform an arbitrary quadratic Boolean function into its disjoint quadratic form. With this algorithm, the exact correlation of quadratic Boolean functions can be computed efficiently.
We apply this method to analyze the linear trails of MORUS (one of the seven finalists of the CAESAR competition), which are...
Cryptanalysis of MORUS
Tomer Ashur, Maria Eichlseder, Martin M. Lauridsen, Gaëtan Leurent, Brice Minaud, Yann Rotella, Yu Sasaki, Benoît Viguier
Secret-key cryptography
MORUS is a high-performance authenticated encryption algorithm submitted to the CAESAR competition, and recently selected as a finalist.There are three versions of MORUS: MORUS-640 with a 128-bit key, and MORUS-1280 with 128-bit or 256-bit keys. For all versions the security claim for confidentiality matches the key size.In this paper, we analyze the components of this algorithm (initialization, state update and tag generation), and report several results.
As our main result, we present a...
Note on the Robustness of CAESAR Candidates
Daniel Kales, Maria Eichlseder, Florian Mendel
Secret-key cryptography
Authenticated ciphers rely on the uniqueness of the nonces to meet their security goals. In this work, we investigate the implications of reusing nonces for three third-round candidates of the ongoing CAESAR competition, namely Tiaoxin, AEGIS and MORUS. We show that an attacker that is able to force nonces to be reused can reduce the security of the ciphers with results ranging from full key-recovery to forgeries with practical complexity and a very low number of nonce-misuse queries.
SAT-based Cryptanalysis of Authenticated Ciphers from the CAESAR Competition
Ashutosh Dhar Dwivedi, Miloš Klouček, Pawel Morawiecki, Ivica Nikolic̈, Josef Pieprzyk, Sebastian Wöjtowicz
Secret-key cryptography
We investigate six authenticated encryption schemes (ACORN, ASCON-128a, Ketje Jr, ICEPOLE-128a, MORUS, and NORX-32) from the CAESAR competition. We aim at state recovery attacks using a SAT solver as a main tool. Our analysis reveals that these schemes, as submitted to CAESAR, provide strong resistance against SAT-based state recoveries. To shed a light on their security margins, we also analyse modified versions of these algorithms, including round-reduced variants and versions with higher...
This document contains supplementary material to the paper with the same title available from the proceedings of the International Conference on Information Security and Cryptology (ICISC) 2019. In this supplementary material, we demonstrate that the random fault attack strategy described in the full paper can be applied to ciphers in the MORUS family, resulting in partial state recovery for these ciphers.
We show that the correlation of any quadratic Boolean function can be read out from its so-called disjoint quadratic form. We further propose a polynomial-time algorithm that can transform an arbitrary quadratic Boolean function into its disjoint quadratic form. With this algorithm, the exact correlation of quadratic Boolean functions can be computed efficiently. We apply this method to analyze the linear trails of MORUS (one of the seven finalists of the CAESAR competition), which are...
MORUS is a high-performance authenticated encryption algorithm submitted to the CAESAR competition, and recently selected as a finalist.There are three versions of MORUS: MORUS-640 with a 128-bit key, and MORUS-1280 with 128-bit or 256-bit keys. For all versions the security claim for confidentiality matches the key size.In this paper, we analyze the components of this algorithm (initialization, state update and tag generation), and report several results. As our main result, we present a...
Authenticated ciphers rely on the uniqueness of the nonces to meet their security goals. In this work, we investigate the implications of reusing nonces for three third-round candidates of the ongoing CAESAR competition, namely Tiaoxin, AEGIS and MORUS. We show that an attacker that is able to force nonces to be reused can reduce the security of the ciphers with results ranging from full key-recovery to forgeries with practical complexity and a very low number of nonce-misuse queries.
We investigate six authenticated encryption schemes (ACORN, ASCON-128a, Ketje Jr, ICEPOLE-128a, MORUS, and NORX-32) from the CAESAR competition. We aim at state recovery attacks using a SAT solver as a main tool. Our analysis reveals that these schemes, as submitted to CAESAR, provide strong resistance against SAT-based state recoveries. To shed a light on their security margins, we also analyse modified versions of these algorithms, including round-reduced variants and versions with higher...