Improved Integral Attacks on MIBS Block Cipher

Mao Yongxia; Wu Wenling; Zhang Li

doi:10.7544/issn1000-1239.202220472

Journal of Computer Research and Development > 2023 > 60(12): 2697-2708. > DOI: 10.7544/issn1000-1239.202220472

Mao Yongxia, Wu Wenling, Zhang Li. Improved Integral Attacks on MIBS Block Cipher[J]. Journal of Computer Research and Development, 2023, 60(12): 2697-2708. DOI: 10.7544/issn1000-1239.202220472

Citation:

Mao Yongxia, Wu Wenling, Zhang Li. Improved Integral Attacks on MIBS Block Cipher[J]. Journal of Computer Research and Development, 2023, 60(12): 2697-2708. DOI: 10.7544/issn1000-1239.202220472

Citation:

Mao Yongxia, Wu Wenling, Zhang Li. Improved Integral Attacks on MIBS Block Cipher[J]. Journal of Computer Research and Development, 2023, 60(12): 2697-2708. DOI: 10.7544/issn1000-1239.202220472

PDF (1293 KB)

Improved Integral Attacks on MIBS Block Cipher

Institute of Software, Chinese Academy of Sciences, Beijing 100190
University of Chinese Academy of Sciences, Beijing 100049

Funds: This work was supported by the National Natural Science Foundation of China (62072445).

More Information

Author Bio:
Mao Yongxia: born in 1988. PhD. Her main research interest includes design and analysis of block ciphers

Wu Wenling: born in 1966. PhD, professor, and PhD supervisor. Senior member of CCF. Her main research interest includes design and analysis of symmetric ciphers

Zhang Li: born in 1994. PhD. Her main research interest includes analysis of block ciphers
Received Date: June 09, 2022
Revised Date: December 08, 2022
Available Online: June 25, 2023

Graphical Abstract

Abstract

Abstract

MIBS is a lightweight block cipher which was proposed by Izadi et al. at CANS 2009. Its overall encryption structure uses the typical Feistel network, and the round function adopts the SP network. MIBS supports both MIBS-64 and MIBS-80 versions, that is, it has 64-bit and 80-bit two key lengths with a 64-bit block size, and is suitable for strictly resource-constrained devices, such as low-cost RFID (radio frequency identification) tags. We study the integral attack on the block cipher MIBS. Firstly, we observe the key schedules of MIBS-64 and MIBS-80, and find some properties between their round keys by using the automatic search algorithm for key-bridging technique, respectively. Secondly, using the bit-based division property and the automatic modeling search method based on MILP (mixed integer linear programming), we find some 8-round and 9-round integral distinguishers of MIBS. Then, based on the 8-round integral distinguisher, we launch a 12-round key recovery attack for MIBS-64 with the data complexity ${{\text{2}}^{{\text{60}}}}$ , and the time complexity ${{\text{2}}^{{\text{63}}{\text{.42}}}}$ . Finally, based on the 9-round integral distinguisher, we launch a 14-round key recovery attack for MIBS-80 with the data complexity ${{\text{2}}^{{\text{63}}}}$ , and the time complexity ${{\text{2}}^{{\text{66}}}}$ . These two key recoveries are the current best integral attacks on the block cipher MIBS-64 and MIBS-80.
- integral attack,
- MIBS,
- key-bridging technique,
- partial sum technique,
- key recovery

FullText(HTML)

References (31)

References

[1]	Leander G, Paar C, Poschmann A, et al. New lightweight DES variants [C] //Proc of the 14th Int Conf on Fast Software Encryption. Berlin: Springer, 2007: 196−210
[2]	Poschmann A, Leander G, Schramm K, et al. A family of light-weight block ciphers based on DES suited for RFID applications [C/OL] //Proc of Conf on RFID Security. Berlin: Springer, 2006[2022-10-31]. https://www.semanticscholar.org/paper/A-Family-of-Light-Weight-Block-Ciphers-Based-on-DES-Poschmann-Leander/4788ca1dec5495c0c17da5f2e80831acca0abca2
[3]	Bogdanov A, Knudsen L R, Leander G, et al. PRESENT: An ultra-lightweight block cipher [C] //Proc of the 9th Int Conf on Cryptographic Hardware and Embedded Systems. Berlin: Springer, 2007: 450−466
[4]	Banik S, Pandey S K, Peyrin T, et al. GIFT: A small present [C] //Proc of the 19th Int Conf on Cryptographic Hardware and Embedded Systems. Berlin: Springer, 2017: 321−345
[5]	Izadi M, Sadeghiyan B, Sadeghian S S, et al. MIBS: A new lightweight block cipher [C] //Proc of the 8th Int Conf on Cryptology and Network Security (CANS 2009). Berlin: Springer, 2009: 334−348
[6]	Bay A, Nakahara J, Vaudenay S. Cryptanalysis of reduced-round MIBS block cipher [C/OL] //Proc of the 9th Int Conf on Cryptology and Network Security 2010. Berlin: Springer, 2010[2022-10-31]. https://doi.org/10.1007/978−3-642−17619-7_1
[7]	Luo Yiyuan, Lai Xuejia. Improvements for finding impossible differentials of block cipher structures[J/OL]. Security and Communication Networks, 2017 [2022-10-31]. https://ia.cr/2017/1209
[8]	Knudsen L, Wagner D. Integral cryptanalysis [C] //Proc of the 9th Int Conf on Fast Software Encryption (FSE 2002). Berlin: Springer, 2002: 112−127
[9]	Daemen J, Knudsen L, Rijmen V. The block cipher Square [C] //Proc of the 4th Int Conf on Fast Software Encryption (FSE 1997). Berlin: Springer, 1997: 149−165
[10]	Ferguson N, Kelsey J, Lucks S, et al. Improved cryptanalysis of Rijndael [C] //Proc of the 7th Int Conf on Fast Software Encryption (FSE 2000). Berlin: Springer, 2000: 213−230
[11]	Todo Y, Morii M. Compact representation for division property [C] //Proc of the 15th Int Conf on Cryptology and Network Security (CANS 2016). Berlin: Springer, 2016: 19−35
[12]	Todo Y. Structural evaluation by generalized integral property [G] //LNCS 9056: Proc of EUROCRYPT 2015. Berlin: Springer, 2015: 287−314
[13]	Todo Y. Integral cryptanalysis on full MISTY1 [G] //LNCS 9215: Proc of CRYPTO 2015. Berlin: Springer, 2015: 412−432
[14]	Xiang Zejun, Zhang Wentao, Bao Zhenzhen, et al. Applying MILP method to searching integral distinguishers based on division property for 6 lightweight block ciphers [G] //LNCS 10031: Proc of ASIACRYPT 2016. Berlin: Springer, 2016: 648−678
[15]	Todo Y, Isobe T, Hao Yonglin, et al. Cube attacks on non-blackbox polynomials based on division property [G] //LNCS 10403: Proc of CRYPTO 2017. Berlin: Springer, 2017: 250−279
[16]	Sasaki Y, Todo Y. New algorithm for modeling S-box in MILP based differential and division trail search [C] //Proc of the 10th Int Conf on Innovative Security Solutions for Information Technology and Communications. Berlin: Springer, 2017: 150−165
[17]	Udovenko A. Convexity of division property transitions: Theory, algorithms and compact models [G] //LNCS 13090: Proc of ASIACRYPT 2021. Berlin: Springer, 2021: 332−361
[18]	Beierle C, Biryukov A, Santos LC, et al. Alzette: A 64-Bit ARX-box [G] //LNCS 12172: Proc of CRYPTO 2020. Berlin: Springer, 2020: 419−448
[19]	Derbez P, Lambin B. Fast MILP models for division property[J]. IACR Transactions on Symmetric Cryptology, 2022, 2022(2): 289−321
[20]	Sun Ling, Wang Wei, Wang Meiqin. MILP-aided bit-based division property for primitives with non-bit-permutation linear layers[J]. IET Information Security, 2020, 1(14): 12−20
[21]	Zhang Wenying, Rijmen V. Division cryptanalysis of block ciphers with a binary diffusion layer[J]. IET Information Security, 2019, 2(13): 87−95
[22]	Hu Kai, Wang Qingju, Wang Meiqin. Finding bit-based division property for ciphers with complex linear layers[J]. IACR Transactions Symmetric Cryptology, 2020, 2020(1): 396−424
[23]	Hong Chunlei, Zhang Shasha, Chen Siwei, et al. More accurate division property propagations based on optimized implementations of linear layers [C] //Proc of the 17th Int Conf on Information Security and Cryptology 2021. Berlin: Springer, 2021: 212−232
[24]	Elsheikh M, Youssef A M. On MILP-based automatic search for bit-based division property for ciphers with (large) linear layers [C] //Proc of the 26th Australasian Conf on Information Security and Privacy 2021. Berlin: Springer, 2021: 111−131
[25]	于晓丽,吴文玲,李艳俊. 低轮MIBS 分组密码的积分分析[J]. 计算机研究与发展,2013,50(10):2117−2125 doi: 10.7544/issn1000-1239.2013.20111495 Yu Xiaoli, Wu Wenling, Li Yanjun. Integral attack of reduced-round MIBS block cipher[J]. Journal of Computer Research and Development, 2013, 50(10): 2117−2125 (in Chinese) doi: 10.7544/issn1000-1239.2013.20111495
[26]	潘志舒,郭建胜,曹进克,等. MIBS算法的积分攻击[J]. 通信学报,2014,35(7):157−163 doi: 10.3969/j.issn.1000-436x.2014.07.019 Pan Zhishu, Guo Jiansheng, Cao Jinke, et al. Integral attack on MIBS block cipher[J]. Journal on Communications, 2014, 35(7): 157−163 (in Chinese) doi: 10.3969/j.issn.1000-436x.2014.07.019
[27]	伊文坛,鲁林真,陈少真. 轻量级密码算法MIBS的零相关和积分分析[J]. 电子与信息学报,2016,38(4):819−826 Yi Wentan, Lu Linzhen, Chen Shaozhen. Integral and zero-correlation linear cryptanalysis of lightweight block cipher MIBS[J]. Journal of Electronics & Information Technology, 2016, 38(4): 819−826 (in Chinese)
[28]	李艳俊,孙启龙,欧海文,等. 改进的MIBS-64算法积分分析研究[J]. 密码学报,2021,8(4):669−679 doi: 10.13868/j.cnki.jcr.000468 Li Yanjun, Sun Qilong, Ou Haiwen, el al. Improved integral attacks on MIBS-64 block cipher[J]. Journal of Cryptologic Research, 2021, 8(4): 669−679 (in Chinese) doi: 10.13868/j.cnki.jcr.000468
[29]	Dunkelman O, Keller N, Shamir A. Improved single-key attacks on 8-round AES-192 and AES-256 [G] //LNCS 6477: Proc of ASIACRYPT 2010. Berlin: Springer, 2010: 158−176
[30]	Lin Li, Wu Wenling, Zheng Yafei. Automatic search for key-bridging technique: Applications to LBlock and TWINE [C] //Proc of the 23rd Int Conf on Fast Software Encryption (FSE 2016). Berlin: Springer, 2016: 247−267
[31]	Abdelkhalek A, Sasaki Y, Todo Y, et al. MILP modeling for (large) S-boxes to optimize probability of differential characteristics[J]. IACR Transactions Symmetric Cryptology, 2017, 2017(4): 99−129

[1]	Lin Liansheng, Zheng Huanqin, Su Shen, Lei Kai, Chen Xiaofeng, Tian Zhihong. An On-Chain Mechanism Against DeFi Price Manipulation Attacks[J]. Journal of Computer Research and Development, 2025, 62(2): 443-457. DOI: 10.7544/issn1000-1239.202330291
[2]	Song Shuwei, Ni Xiaoze, Chen Ting. Gas Optimization for Smart Contracts: A Survey[J]. Journal of Computer Research and Development, 2023, 60(2): 311-325. DOI: 10.7544/issn1000-1239.202220887
[3]	Ying Chenhao, Xia Fuyuan, Li Jie, Si Xueming, Luo Yuan. Incentive Mechanism Based on Truth Estimation of Private Data for Blockchain-Based Mobile Crowdsensing[J]. Journal of Computer Research and Development, 2022, 59(10): 2212-2232. DOI: 10.7544/issn1000-1239.20220493
[4]	Feng Jingyu, Yang Jinwen, Zhang Ruitong, Zhang Wenbo. A Spectrum Sharing Incentive Scheme Against Location Privacy Leakage in IoT Networks[J]. Journal of Computer Research and Development, 2020, 57(10): 2209-2220. DOI: 10.7544/issn1000-1239.2020.20200453
[5]	Hai Mo, Zhu Jianming. A Propagation Mechanism Combining an Optimal Propagation Path and Incentive in Blockchain Networks[J]. Journal of Computer Research and Development, 2019, 56(6): 1205-1218. DOI: 10.7544/issn1000-1239.2019.20180419
[6]	He Yunhua, Li Mengru, Li Hong, Sun Limin, Xiao Ke, Yang Chao. A Blockchain Based Incentive Mechanism for Crowdsensing Applications[J]. Journal of Computer Research and Development, 2019, 56(3): 544-554. DOI: 10.7544/issn1000-1239.2019.20170670
[7]	He Haiwu, Yan An, Chen Zehua. Survey of Smart Contract Technology and Application Based on Blockchain[J]. Journal of Computer Research and Development, 2018, 55(11): 2452-2466. DOI: 10.7544/issn1000-1239.2018.20170658
[8]	Xiong Jinbo, Ma Rong, Niu Ben, Guo Yunchuan, Lin Li. Privacy Protection Incentive Mechanism Based on User-Union Matching in Mobile Crowdsensing[J]. Journal of Computer Research and Development, 2018, 55(7): 1359-1370. DOI: 10.7544/issn1000-1239.2018.20180080
[9]	Wang Bo, Huang Chuanhe, Yang Wenzhong, Dan Feng, and Xu Liya. An Incentive-Cooperative Forwarding Model Based on Punishment Mechanism in Wireless Ad Hoc Networks[J]. Journal of Computer Research and Development, 2011, 48(3): 398-406.
[10]	Yue Guangxue, Li Renfa, Chen Zhi, Zhou Xu. Analysis of Free-riding Behaviors and Modeling Restrain Mechanisms for Peer-to-Peer Networks[J]. Journal of Computer Research and Development, 2011, 48(3): 382-397.

Cited By

Cited by

Periodical cited type(2)

1.	李硕，王馨爽. 多场景融合的码号数据分发架构及关键技术研究. 数据通信. 2024(06): 1-3+11 .
2.	俞惠芳，李磊. 基于椭圆曲线签密的跨链医疗数据共享方案. 通信学报. 2024(12): 57-66 .