Lesamnta-LW Revisited: Improved Security Analysis of Primitive and New PRF Mode.

2020 
In this paper we revisit the design of the Lesamnta-LW lightweight hash function, specified in ISO/IEC 29192-5:2016. Firstly, we present some updates on the bounds of the number of active S-boxes for the underlying cipher consisting of 64 rounds. The previous work showed that at least 24 active S-boxes are ensured after 24 rounds, while our tool based on Mixed Integer Linear Programming (MILP) in the framework of Mouha et al. shows that only 18 rounds are sufficient to ensure 24 active S-boxes. The tool can evaluate the tight bound of the number of active S-boxes for more rounds, which shows that 103 active S-boxes are ensured after full (64) rounds. We also provide security analysis of the Shuffle operation in the round function. Secondly, we propose a new mode for building a pseudo-random function (PRF) based on Lesamnta-LW. The previous PRF modes can only process 128 bits per block-cipher call, while the new mode can process 256 bits to achieve the double throughput. We prove its security both in the standard model and the ideal cipher model.
    • Correction
    • Source
    • Cite
    • Save
    • Machine Reading By IdeaReader
    16
    References
    1
    Citations
    NaN
    KQI
    []