The retracing boomerang attack

Orr Dunkelman, Nathan Keller, Eyal Ronen, Adi Shamir

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

32 Scopus citations

Abstract

Boomerang attacks are extensions of differential attacks, that make it possible to combine two unrelated differential properties of the first and second part of a cryptosystem with probabilities p and q into a new differential-like property of the whole cryptosystem with probability P2q2 (since each one of the properties has to be satisfied twice). In this paper we describe a new version of boomerang attacks which uses the counterintuitive idea of throwing out most of the data in order to force equalities between certain values on the ciphertext side. In certain cases, this creates a correlation between the four probabilistic events, which increases the probability of the combined property to P2q and increases the signal to noise ratio of the resultant distinguisher. We call this variant a retracing boomerang attack since we make sure that the boomerang we throw follows the same path on its forward and backward directions. To demonstrate the power of the new technique, we apply it to the case of 5-round AES. This version of AES was repeatedly attacked by a large variety of techniques, but for twenty years its complexity had remained stuck at 232. At Crypto’18 it was finally reduced to 224 (for full key recovery), and with our new technique we can further reduce the complexity of full key recovery to the surprisingly low value of 216.5 (i.e., only 90, 000 encryption/decryption operations are required for a full key recovery on half the rounds of AES). In addition to improving previous attacks, our new technique unveils a hidden relationship between boomerang attacks and two other cryptanalytic techniques, the yoyo game and the recently introduced mixture differentials.

Original languageEnglish
Title of host publicationAdvances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
EditorsAnne Canteaut, Yuval Ishai
PublisherSpringer
Pages280-309
Number of pages30
ISBN (Print)9783030457204
DOIs
StatePublished - 2020
Event39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2020 - Zagreb, Croatia
Duration: 10 May 202014 May 2020

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12105 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2020
Country/TerritoryCroatia
CityZagreb
Period10/05/2014/05/20

Bibliographical note

Publisher Copyright:
© International Association for Cryptologic Research 2020.

Funding

The authors thank the anonymous referees and Senyang Huang for their proposals and suggestions for improving the manuscript. The research was supported in part by the European Research Council under the ERC starting grant agreement n. 757731 (LightCrypt), by the BIU Center for Research in Applied Cryptography and Cyber Security, by the Israel Ministry of Science and Technology, the Center for Cyber, Law, and Policy, by the Israel National Cyber Bureau in the Prime Minister’s Office, and by the Israeli Science Foundation through grants No. 3380/19, No. 880/18 and No. 1523/14. The first author is a member of the Center for Cyber, Law, and Policy at the university of Haifa. The second author is a member of the BIU Center for Research in Applied Cryptography and Cyber Security. The third author is a member of CPIIS.

FundersFunder number
Israel National Cyber Bureau
European Commission757731
Israel Science Foundation1523/14, 880/18, 3380/19
Ministry of science and technology, Israel

    Fingerprint

    Dive into the research topics of 'The retracing boomerang attack'. Together they form a unique fingerprint.

    Cite this