TY - JOUR
T1 - The reality of backdoored S-Boxes—An eye opener
AU - Fahd, Shah
AU - Afzal, Mehreen
AU - Iqbal, Waseem
AU - Shah, Dawood
AU - Khalid, Ijaz
N1 - Publisher Copyright:
© 2023 Elsevier Ltd
PY - 2024/2/1
Y1 - 2024/2/1
AB - The real-life incidents researched in academia have revealed that (possibly) state-level efforts are made to camouflage the intentional flaws in the mathematical layer of an S-Box for exploiting the information-theoretic properties, i.e., Kuznyechik. To investigate the common features in the intentionally weakened mappings, this research thoroughly examines the backdoored structures from the perspective of 24 cryptanalytic attack vectors available in the open literature. We have debunked the earlier claims by the backdoor engineers that the proposed designs are stealthy against statistical distinguishers. Although a backdoored architecture fulfils the notions of randomness, it lacks the strength to resist sophisticated cryptanalytic attacks. Our analysis has revealed that during the backdoor insertion phase, a malicious designer compromises vital cryptographic properties, prominently the algebraic degree, differential trails and avalanche characteristics, leaving open ground for hybrid cryptanalytic attacks. It is also observed that these mappings attain the upper bound of BCT, FBCT and DLCT, paving the way for hybrid attacks with high probability and lower data complexity.
KW - Backdoors
KW - Cryptanalysis
KW - Cryptography
KW - Information security
KW - Linear structures
KW - Nontrivial subspaces
KW - Quotient groups
KW - S-Box
UR - http://www.scopus.com/inward/record.url?scp=85181730840&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85181730840&partnerID=8YFLogxK
UR - https://www.mendeley.com/catalogue/42fa53eb-8ee7-3908-8cb6-dec15950b4be/
U2 - 10.1016/j.jisa.2023.103674
DO - 10.1016/j.jisa.2023.103674
M3 - Article
AN - SCOPUS:85181730840
SN - 2214-2134
VL - 80
JO - Journal of Information Security and Applications
JF - Journal of Information Security and Applications
M1 - 103674
ER -