|
|
|
|
Total Break of Zorro Using Linear and Differential Attacks
|
|
|
|
|
|
|
|
نویسنده
|
Rasoolzadeh Shahram ,Ahmadian Zahra ,Salmasizadeh Mahmoud ,Aref Mohammad Reza
|
|
منبع
|
the isc international journal of information security - 2014 - دوره : 6 - شماره : 1 - صفحه:23 -34
|
|
چکیده
|
An aes-like lightweight block cipher, namely zorro, was proposed in ches 2013. while it has a 16-byte state, it uses only 4 s-boxes per round. this weak nonlinearity was widely criticized, insofar as it has been directly exploited in all the attacks on zorro reported by now, including the weak key, reduced round, and even full round attacks. in this paper, using some properties discovered by wang et al. we present new differential and linear attacks on zorro, both of which recover the full secret key with practical complexities. these attacks are based on very efficient distinguishers that have only two active s-boxes per four rounds. the time complexity of our differential and linear attacks are 255:40 and 245:44 and the data complexity are 255:15 chosen plaintexts and 245:44 known plaintexts, respectively. the results clearly show that the block cipher zorro does not have enough security against differential and linear attacks.
|
|
کلیدواژه
|
Differential Attack ,Lightweight Block Cipher ,Linear Attack ,Zorro.
|
|
آدرس
|
sharif university of technology, Electronic Research Institute, Department of Electrical Engineering, Information Systems and Security Lab (ISSL), ایران, sharif university of technology, Electronic Research Institute, Department of Electrical Engineering, Information Systems and Security Lab (ISSL), ایران, sharif university of technology, Electronic Research Institute, ایران, sharif university of technology, Department of Electrical Engineering, Information Systems and Security Lab (ISSL), ایران
|
|
پست الکترونیکی
|
aref@sharif.edu
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|