Improved slender-set linear cryptanalysis

Abstract

In 2013, Borghoff et al. introduced a slender-set linear cryptanalysis on PRESENT-like ciphers with key-dependent secret S-boxes. In this paper, we propose an improved slender-set linear attack to PRESENT-like ciphers with secret S-boxes. We investigate three new cryptanalytic techniques, and use them to recover the secret S-boxes efficiently. Our first new idea is that we propose a new technique to support consistency of partitions of the input to the secret S-boxes. Our second new technique is that we present a more efficient method to recover the coordinate functions of secret S-boxes based on more information than that of Borghoff’s attack. The third new technique is that we propose a method of constructing all correct coordinate function of secret S-boxes by pruning search algorithm. In particular, we implemented a successful linear attack on the full round Maya in practice. In our experiments, the correct S-box can be recovered with 2 36 known plaintexts, 2 18.9 time complexity and negligible memory complexity at a success rate of 87.5% based on 200 independent trials. Our attack is the improvement and sequel of Borghoff’s work on PRESENT-like cipher with secret S-boxes.