Algebraic Attacks against Grendel: An Arithmetization-Oriented Primitive with the Legendre Symbol-Reference-Cited by-同舟云学术

Algebraic Attacks against Grendel: An Arithmetization-Oriented Primitive with the Legendre Symbol

Published:2023-08-10 Issue:8 Volume:15 Page:1563
ISSN:2073-8994
Container-title:Symmetry
language:en
Short-container-title:Symmetry

Author:

Ni Jianqiang¹^ORCID,Zhang Jianhui²,Wang Gaoli¹,Li Rui³,Shen Yanzhao⁴

Affiliation:

1. Shanghai Key Laboratory of Trustworthy Computing, East China Normal University, Shanghai 200062, China

2. R&D Center, Shandong Luruan Digital Technology Co., Ltd., Jinan 250101, China

3. Inspur Academy of Science and Technology, Jinan 250014, China

4. Shandong Institute of Blockchain, Jinan 250101, China

Abstract

The rise of modern cryptographic protocols such as Zero-Knowledge proofs and secure Multi-party Computation has led to an increased demand for a new class of symmetric primitives. Unlike traditional platforms such as servers, microcontrollers, and desktop computers, these primitives are designed to be implemented in arithmetical circuits. In terms of security evaluation, arithmetization-oriented primitives are more complex compared to traditional symmetric cryptographic primitives. The arithmetization-oriented permutation Grendel employs the Legendre Symbol to increase the growth of algebraic degrees in its nonlinear layer. To analyze the security of Grendel thoroughly, it is crucial to investigate its resilience against algebraic attacks. This paper presents a preimage attack on the sponge hash function instantiated with the complete rounds of the Grendel permutation, employing algebraic methods. A technique is introduced that enables the elimination of two complete rounds of substitution permutation networks (SPN) in the sponge hash function without significant additional cost. This method can be combined with univariate root-finding techniques and Gröbner basis attacks to break the number of rounds claimed by the designers. By employing this strategy, our attack achieves a gain of two additional rounds compared to the previous state-of-the-art attack. With no compromise to its security margin, this approach deepens our understanding of the design and analysis of such cryptographic primitives.

Funder

National Key Research and Development Program of China

National Natural Science Foundation of China

Shanghai Trusted Industry Internet Software Collaborative Innovation Center

Publisher

MDPI AG

Subject

Physics and Astronomy (miscellaneous),General Mathematics,Chemistry (miscellaneous),Computer Science (miscellaneous)

Link

https://www.mdpi.com/2073-8994/15/8/1563/pdf

Reference46 articles.

1. MiMC: Efficient Encryption and Cryptographic Hashing with Minimal Multiplicative Complexity;Cheon;Advances in Cryptology—ASIACRYPT 2016, Proceedings of the 22nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, 4–8 December 2016, Proceedings, Part I,2016

2. Feistel Structures for MPC, and More;Sako;Computer Security—ESORICS 2019, Proceedings of the 24th European Symposium on Research in Computer Security, Luxembourg, 23–27 September 2019, Proceedings, Part II,2019

3. On a Generalization of Substitution-Permutation Networks: The HADES Design Strategy;Canteaut;Advances in Cryptology—EUROCRYPT 2020, Proceedings of the 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, 10–14 May 2020, Proceedings, Part II,2020

4. Bailey, M., and Greenstadt, R. (2021). USENIX Security 2021, Proceedings of the 30th USENIX Security Symposium, 11–13 August 2021, Springer. USENIX Association.

5. Masta: An HE-Friendly Cipher Using Modular Arithmetic;Ha;IEEE Access,2020