Cube Attacks On The Lightweight Cryptographic Algorithms MORUS,Enhanced-Bivium And Quartet

With the rapid development and widespread use of the Internet of Things,people transmit large amounts of data through the network in everyday life and work to communicate and share information.However,the Internet of Things is a network with a highly dynamic topology,and its connections are extremely vulnerable to attacks.With the numerous benefits of the Internet of Things and such a wide range of applications,it is particularly necessary to ensure the safety and reliability of the entire system.Nowadays,protecting the entire system from malicious attacks is one of the biggest challenges in applying Io T technology.In order to improve the cryptographic defense capabilities against cyber attacks,the National Institute of Standards and Technology(NIST)announced a public identity verification encryption competition in January 2013: Security,Applicability and Robustness(CAESAR)[1]Encourage the design and analysis of authentication encryption passwords.Specifically,the authentication password combines confidentiality,integrity,and authentication password services into an algorithm structure.In addition,Io T applications ranging from smart locks to wearable technology to home automation and healthcare usually require lightweight devices,and these countless tiny trusted devices need to provide encryption,encryption,authentication,digital signatures,etc.service.In order to provide a valuable solution to the problem of protecting data security in similar restricted environments,NIST issued the call in August 2018[2] to inquire about new lightweight encryption for lightweight applications(LWC)standard recommendations.This dissertation analyzes the security of the above-mentioned cipher competition and other lightweight stream ciphers,including:1.In order to improve the accuracy of the attack,and reduce the time complexity and memory complexity caused by the increased accuracy,this paper uses the cube attack technology of automatic search and bit-based division property.Compared with the traditionaldivision property technology,we use the bit-based division property technology to describe the propagation of the division property of the internal state of the cryptographic algorithm from the bit level,so that the model propagation is more refined and more effective information can be obtained.However,the bit-based division property needs to consume more computational complexity and can only be limited to cryptographic algorithms whose analysis state is less than or equal to 32 bits.In view of this,we introduce automation technology to establish the SAT(Boolean Satisfiability Problem)model of the attacked cryptographic algorithm in the form of conjunctive paradigm to characterize the SAT search process of division properties.2.In view of the influence of constant bits on the propagation of division properties in the propagation of division properties,Flag technique is introduced into the SAT model.In the propagation process,the constant 0 may be generated during the XOR operation of constants,the bitwise AND operation between constants,and the bitwise AND operation between constants and variables.By adding constraints to the SAT model and constraining the above operations,we reduce the improper diffusion during the propagation of division properties and improve the accuracy of propagation.3.This paper implements an improved cube attack system based on the above technology,and implements the security analysis of the CAESAR cryptographic contest winning cryptographic algorithm and the candidate cryptographic algorithm of the NIST lightweight cryptographic contest.For MORUS-640-128 with keystream generation function,we give the first 5.9-step key recovery attack with a cube of size 24,which achieves 0.4-step(two rounds)more than the previous best work in [4],and the complexity for superpoly recovery is 232.06.We also study reduced versions of the initialization of MORUS-640-128 and provide the 6-step key recovery attack with a cube of size 22,which improves two steps comparing with [3].Also,we find better cubes of the same size as [3],and then we gain one more step key recovery attack with these cubes.We obtain cubes of size 2 and 18,resulting in key recovery attacks for 3 and 4 rounds of Quartet.We also provide the first key recovery attack for 502-round Enhanced-bivium with a cube of size 12.The gathering results are shown in Table 1,and the comparisons between former key recovery attacks and our results are also included.