Improved Integral Cryptanalysis on Block Cipher uBlock
Integral attack is one of the most powerful cryptanalytic methods after differential and linear cryptanalysis,which was presented by Daemen et al.in 1997(doi:10.100 7/BFb0052343).As the winning block cipher of China's National Cipher Designing Competition in 2018,the security strength of uBlock against integral attack has received much attention.To better understand the integral property,this paper constructs the Mixed Integer Linear Programming(MILP)models for monomial prediction to search for the integral distinguishers and uses the partial sum techniques to perform key-recovery attacks.For uBlock-128/128 and uBlock-128/256,this paper gives the first 11 and 12-round attacks based on a 9-round integral distinguisher,respectively.The data complexity is 2127 chosen plaintexts.The time complexities are 2127.06 and 2224 times encryptions,respectively.The memory complexities are244.58and2138Byte,respectively.For uBlock-256/256,this paper gives the first 12-round attack based on a 10-round integral distinguisher.The data complexity is2253chosen plaintexts.The time and memory complexities are2253.06times encryptions and 244.46 Byte,respectively.The number of attacked rounds for uBlock-128/128 and uBlock-256/256 are improved by two rounds compared with the previous best ones.Besides,the number of attacked rounds for uBlock-128/256 is improved by three rounds.The results show that uBlock has enough security margin against integral attack.
万方数据
维普
