Borghoff, Julia2; Knudsen, Lars Ramkilde2; Leander, Gregor2; Thomsen, Søren Steffen2
1 Cryptology, Department of Applied Mathematics and Computer Science, Technical University of Denmark2 Department of Applied Mathematics and Computer Science, Technical University of Denmark
This paper considers PRESENT-like ciphers with key-dependent S-boxes. We focus on the setting where the same selection of S-boxes is used in every round. One particular variant with 16 rounds, proposed in 2009, is broken in practice in a chosen plaintext/chosen ciphertext scenario. Extrapolating these results suggests that up to 28 rounds of such ciphers can be broken. Furthermore, we outline how our attack strategy can be applied to an extreme case where the S-boxes are chosen uniformly at random for each round, and where the bit permutation is key-dependent as well.
Journal of Cryptology, 2013, Vol 26, Issue 1, p. 11-38