Open AccessDistinguishing Attack on NORX Permutation
Author(s) -
Tao Huang,
Hongjun Wu
Publication year - 2018
Publication title -
iacr transaction on symmetric cryptology
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.715
H-Index - 10
ISSN - 2519-173X
DOI - 10.46586/tosc.v2018.i1.57-73
Subject(s) - permutation (music) , random permutation , computer science , authenticated encryption , partial permutation , pseudorandom permutation , encryption , mathematics , permutation graph , computer security , theoretical computer science , combinatorics , block cipher , block (permutation group theory) , physics , graph , acoustics
NORX is a permutation-based authentication scheme which is currently a third-round candidate of the ongoing CAESAR competition. The security bound of NORX is derived from the sponge construction applied to an ideal underlying permutation. In this paper, we show that the NORX core permutation is non-ideal with a new distinguishing attack. More specifically, we can distinguish NORX64 permutation with 248.5 queries and distinguish NORX32 permutation with 264.7 queries using carefully crafted differential-linear attacks. We have experimentally verified the distinguishing attack on NORX64 permutation. Although the distinguishing attacks reveal the weakness of the NORX permutation, it does not directly threat the security of the NORX authenticated encryption scheme.