As technology develops at a lightning pace, the security of our electronic devices such as our smartphones, laptops, and computers is at a greater risk. A phenomenon known as encryption is vital to keep our devices safe from hackers and other unwanted personnel trying to steal our data.
Cryptography is thus an important field that invites a lot of research. It is the practice and study of techniques required for secure communication. This is why our passwords for our devices and apps need to be very strong so that no unwanted party can hack into our personal data.
Lightweight cryptography is a type of cryptography that requires less resources, less memory, and less power to function. It is simpler and more efficient than ordinary cryptography, and is useful in securing connected devices. Its main use will be to secure IoT (Internet of Things) devices and in the protection of wireless sensor networks.
With so many uses, in 2014 – 2018, the CAESAR (Competition for Authenticated Encryption: Security, Applicability, and Robustness) competition was held, where many ciphers were submitted. A cipher is an algorithm used for encryption and decryption of data/messages.
In this competition, JAMBU was a lightweight authenticated encryption mode cipher that made it to the 3rd round of this competition. It is the most lightweight authentication mode for authentication security.
A variant of the JAMBU mode, called TinyJAMBU, was chosen as the subject of interest in this paper. TinyJAMBU mode is based on a keyed permutation. The state size of TinyJAMBU is only two-thirds of that of JAMBU. The message block size of TinyJAMBU is half of that of JAMBU mode.
The authors of this paper, which include Mr. Pranjal Dutta from the Department of Computer Science, Chennai Mathematical Institute, Chennai, India, Mr. Mahesh Sreekumar Rajasree from the Department of Computer Science, Indian Institute of Technology (IIT) Kanpur, Kanpur, India, and Prof. Santanu Sarkar from the Department of Mathematics, Indian Institute of Technology (IIT) Madras, Chennai, India, have studied TinyJAMBU and achieved many results.
For the first time, the exact degree of the feedback polynomial in the nonce (an arbitrary number that can be used just once in a cryptographic communication) variables has been studied in this paper. The structure of the keyed permutation has also been studied, and it was found that there are 2108 keys for which TinyJAMBU can be distinguished from a random source for up to 476 rounds.
TinyJAMBU has a total of 1024 rounds, out of which more than 445 rounds are required to secure against distinguishers using 32 sized cubes in the normal setting. A distinguisher, or a distinguishing attack, allows an attacker to distinguish the encrypted data from random data. A cube, or a cube attack is a cryptanalytic method used to retrieve secret values from a polynomial. The distinguishers used in this paper outperform the previously identified best-known distinguishers which were proposed in Scientific Reports – Nature by Teng et al.
TinyJAMBU was also studied in a weak-key setting. A weak-key makes the cipher to behave in an undesirable way. The keyed permutation was tested for any weakness. The authors hope that these findings will help to shed new lights on the cipher’s security.
For future work, the authors would like to investigate the following:
- Similar to the DA3 attack, can we give distinguisher for rounds greater than 480 by using all 96 bits of the nonce?
- Is there a practical key recovery attack for TinyJAMBU where the number of rounds is more than 450?
- Does there exist any other inherent weakness for the permutation which can be exploited to get better cubes or used in any attacks?
Prof. Manindra Agrawal from the Department of Computer Science and Engineering, Indian Institute of Technology (IIT) Kanpur, Kanpur, India, acknowledged the achievements of the authors by giving the following comments: “The paper does a detailed study of security of TinyJAMBU, one of the ten shortlisted candidates by NIST for lightweight cryptography standards. Prior to this work, it was known that the security of the algorithm is compromised when it is restricted to 428 rounds or less (the actual number of rounds is 1024). The present paper improves this to 440 rounds or less. Further, for 445 rounds or more, it is shown that the algorithm is secure against a standard technique, called 32-dimension cube attack. In addition to these results, the paper also shows that a significant number of keys are weak for 476 rounds or less (weak keys are those that can be recovered much more quickly than remaining keys). Overall, the paper makes good progress in analyzing the security of TinyJAMBU.”
Article by Akshay Anantharaman
Here is the original link to the paper:
https://www.nature.com/articles/s41598-022-19046-2