Boomeyong: Embedding Yoyo within Boomerang and its Applications to Key Recovery Attacks on AES and Pholkos

This work investigates a generic way of combining two very effective and well-studied cryptanalytic tools, proposed almost 18 years apart, namely the boomerang attack introduced by Wagner in FSE 1999 and the yoyo attack by Ronjom et al. in Asiacrypt 2017. In doing so, the s-box switch and ladder sw...


Bibliographic Details
Main Authors: Mostafizar Rahman, Dhiman Saha, Goutam Paul
Format: Article
Language: English
Published: Ruhr-Universität Bochum 2021-09-01
Series: IACR Transactions on Symmetric Cryptology
Subjects:
AES
Online Access: https://tosc.iacr.org/index.php/ToSC/article/view/9177
Description: This work investigates a generic way of combining two very effective and well-studied cryptanalytic tools, proposed almost 18 years apart, namely the boomerang attack introduced by Wagner in FSE 1999 and the yoyo attack by Ronjom et al. in Asiacrypt 2017. In doing so, the s-box switch and ladder switch techniques are leveraged to embed a yoyo trail inside a boomerang trail. As an immediate application, a 6-round key recovery attack on AES-128 is mounted with time complexity of 2^78. A 10-round key recovery attack on recently introduced AES-based tweakable block cipher Pholkos is also furnished to demonstrate the applicability of the new technique on AES-like constructions. The results on AES are experimentally verified by applying and implementing them on a small scale variant of AES. We provide arguments that draw a relation between the proposed strategy with the retracing boomerang attack devised in Eurocrypt 2020. To the best of our knowledge, this is the first attempt to merge the yoyo and boomerang techniques to analyze SPN ciphers and warrants further attention as it has the potential of becoming an important cryptanalysis tool.
Topics: AES, Boomerang, Distinguisher, Key Recovery, Pholkos, Symmetric-Key Cryptanalysis