International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Antonio Flórez Gutiérrez

Publications

Year
Venue
Title
2024
ASIACRYPT
General Practical Cryptanalysis of the Sum of Round-Reduced Block Ciphers and ZIP-AES
We introduce a new approach between classical security proofs of modes of operation and dedicated security analysis for known crypt- analysis families: General Practical Cryptanalysis. This allows us to ana- lyze generically the security of the sum of two keyed permutations against known attacks. In many cases (of course, not all), we show that the se- curity of the sum is strongly linked to that of the composition of the two permutations. This enables the construction of beyond-birthday bound secure low-latency PRFs by cutting a known-to-be-secure block cipher into two equal parts. As a side result, our general analysis shows an in- evitable difficulty for the key recovery based on differential-type attacks against the sum, which leads to a correction of previously published at- tacks on the dedicated design Orthros
2022
ASIACRYPT
Optimising Linear Key Recovery Attacks with Affine Walsh Transform Pruning 📺
Antonio Flórez Gutiérrez
Linear cryptanalysis is one of the main families of key-recovery attacks on block ciphers. Several publications have drawn attention towards the possibility of reducing their time complexity using the fast Walsh transform. These previous contributions ignore the structure of the key recovery rounds, which are treated as arbitrary boolean functions. In this paper, we optimise the time and memory complexities of these algorithms by exploiting zeroes in the Walsh spectra of these functions using a novel affine pruning technique for the Walsh Transform. These new optimisation strategies are then showcased with two application examples: an improved attack on the DES and the first known atttack on 29-round PRESENT-128.
2022
JOFC
Improved Differential-Linear Attacks with Applications to ARX Ciphers
We present several improvements to the framework of differential-linear attacks with a special focus on ARX ciphers. As a demonstration of their impact, we apply them to Chaskey and ChaCha and we are able to significantly improve upon the best attacks published so far.
2021
ASIACRYPT
Generic Framework for Key-Guessing Improvements 📺
We propose a general technique to improve the key-guessing step of several attacks on block ciphers. This is achieved by defining and studying some new properties of the associated S-boxes and by representing them as a special type of decision trees that are crucial for finding fine-grained guessing strategies for various attack vectors. We have proposed and implemented the algorithm that efficiently finds such trees, and use it for providing several applications of this approach, which include the best known attacks on NOKEON, GIFT, and RECTANGLE.
2021
JOFC
Internal Symmetries and Linear Properties: Full-permutation Distinguishers and Improved Collisions on Gimli
$$\mathsf {Gimli}$$ Gimli is a family of cryptographic primitives (both a hash function and an AEAD scheme) that has been selected for the second round of the NIST competition for standardizing new lightweight designs. The candidate $$\mathsf {Gimli}$$ Gimli is based on the permutation $$\mathsf {Gimli}$$ Gimli , which was presented at CHES 2017. In this paper, we study the security of both the permutation and the constructions that are based on it. We exploit the slow diffusion in $$\mathsf {Gimli}$$ Gimli and its internal symmetries to build, for the first time, a distinguisher on the full permutation of complexity $$2^{64}$$ 2 64 . We also provide a practical distinguisher on 23 out of the full 24 rounds of $$\mathsf {Gimli}$$ Gimli that has been implemented. Next, we give (full state) collision and semi-free start collision attacks on $$\mathsf {Gimli}$$ Gimli -Hash, reaching, respectively, up to 12 and 18 rounds. On the practical side, we compute a collision on 8-round $$\mathsf {Gimli}$$ Gimli -Hash. In the quantum setting, these attacks reach 2 more rounds. Finally, we perform the first study of linear trails in $$\mathsf {Gimli}$$ Gimli , and we find a linear distinguisher on the full permutation.
2020
ASIACRYPT
New results on Gimli: full-permutation distinguishers and improved collisions 📺
Gimli is a family of cryptographic primitives (both a hash function and an AEAD scheme) that has been selected for the second round of the NIST competition for standardizing new lightweight designs. The candidate Gimli is based on the permutation Gimli, which was presented at CHES 2017. In this paper, we study the security of both the permutation and the constructions that are based on it. We exploit the slow diffusion in Gimli and its internal symmetries to build, for the first time, a distinguisher on the full permutation of complexity $2^{64}$. We also provide a practical distinguisher on 23 out of the full 24 rounds of Gimli that has been implemented. Next, we give (full state) collision and semi-free-start collision attacks on Gimli-Hash, reaching respectively up to 12 and 18 rounds. On the practical side, we compute a collision on 8-round Gimli-Hash. In the quantum setting, these attacks reach 2 more rounds. Finally, we perform the first study of linear trails in the permutation, and we propose differential-linear cryptanalysis that reach up to 17 rounds of Gimli.