TY - GEN
T1 - Revised Version of Block Cipher CHAM
AU - Roh, Dongyoung
AU - Koo, Bonwook
AU - Jung, Younghoon
AU - Jeong, Il Woong
AU - Lee, Dong Geon
AU - Kwon, Daesung
AU - Kim, Woo Hwan
N1 - Publisher Copyright:
© 2020, Springer Nature Switzerland AG.
PY - 2020
Y1 - 2020
N2 - CHAM is a family of lightweight block ciphers published in 2017 [22]. The CHAM family consists of three ciphers, CHAM-64/128, CHAM-128/128, and CHAM-128/256. CHAM can be implemented with a remarkably low area in hardware compared to other lightweight block ciphers, and it also performs well on software. We found new (related-key) differential characteristics and differentials of CHAM using a SAT solver. Although attacks using the new characteristics are limited to the reduced rounds of CHAM, it is preferable to increase the number of rounds to ensure a sufficient security margin. The numbers of rounds of CHAM-64/128, CHAM-128/128, and CHAM-128/256 are increased from 80 to 88, 80 to 112, and 96 to 120, respectively. We provide strong evidence that CHAM with these new numbers of rounds is secure enough against (related-key) differential cryptanalysis. Because increasing the number of rounds does not affect the area in low-area hardware implementations, the revised CHAM is still excellent in lightweight hardware implementations. In software, the revised CHAM is still comparable to SPECK, one of the top-ranked algorithms in software.
AB - CHAM is a family of lightweight block ciphers published in 2017 [22]. The CHAM family consists of three ciphers, CHAM-64/128, CHAM-128/128, and CHAM-128/256. CHAM can be implemented with a remarkably low area in hardware compared to other lightweight block ciphers, and it also performs well on software. We found new (related-key) differential characteristics and differentials of CHAM using a SAT solver. Although attacks using the new characteristics are limited to the reduced rounds of CHAM, it is preferable to increase the number of rounds to ensure a sufficient security margin. The numbers of rounds of CHAM-64/128, CHAM-128/128, and CHAM-128/256 are increased from 80 to 88, 80 to 112, and 96 to 120, respectively. We provide strong evidence that CHAM with these new numbers of rounds is secure enough against (related-key) differential cryptanalysis. Because increasing the number of rounds does not affect the area in low-area hardware implementations, the revised CHAM is still excellent in lightweight hardware implementations. In software, the revised CHAM is still comparable to SPECK, one of the top-ranked algorithms in software.
KW - (Related-key) Differential cryptanalysis
KW - CHAM
KW - Lightweight block cipher
KW - SAT solver
UR - https://www.scopus.com/pages/publications/85081179325
U2 - 10.1007/978-3-030-40921-0_1
DO - 10.1007/978-3-030-40921-0_1
M3 - Conference contribution
AN - SCOPUS:85081179325
SN - 9783030409203
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 1
EP - 19
BT - Information Security and Cryptology – ICISC 2019 - 22nd International Conference, Revised Selected Papers
A2 - Seo, Jae Hong
PB - Springer
T2 - 22nd International Conference on Information Security and Cryptology, ICISC 2019
Y2 - 4 December 2019 through 6 December 2019
ER -