Differential-linear Attacks on Permutation Ciphers Revisited: Experiments on Ascon and DryGASCON


CİVEK A. B. , TEZCAN C.

8th International Conference on Information Systems Security and Privacy (ICISSP), ELECTR NETWORK, 9 - 11 February 2022, pp.202-209 identifier

  • Publication Type: Conference Paper / Full Text
  • Doi Number: 10.5220/0010982600003120
  • Country: ELECTR NETWORK
  • Page Numbers: pp.202-209
  • Keywords: Lightweight Cryptography, Cryptanalysis, Differential-linear Analysis, NIST

Abstract

Ascon and DryGASCON are very similar designs that were submitted to NIST's lightweight cryptography standardization process. While Ascon made it to the finals, DryGASCON was eliminated in the second round. We analyze these algorithms against truncated, linear and differential-linear distinguishers to compare their security. We correct 2, 3, 3.5-round truncated differentials and 5-round differential-linear distinguishers that were given for DryGASCON-128. Moreover, we provide the longest practical differential-linear distinguisher of DryGASCON-128. Finally, we compare the security of Ascon-128 and DryGASCON-128 against differential-linear cryptanalysis.