Analysis of Lightweight and Efficient Symmetric-Key Primitives

Ralph Ankele

Research output: ThesisDoctoral Thesis

1278 Downloads (Pure)


Symmetric-key primitives are used to ensure the confidentiality of two or more parties to maintain a private communication channel. While legacy cryptographic primitives just ensure the confidentiality of messages, modern symmetric-key algorithms further grant integrity and authenticity, simultaneously.
With the rise of the Internet, and the flourishing digitalisation of many services, privacy and security of those communication channels became more and more important. Many conventional standards and recommendations for cryptographic algorithms have been published. Those include for block ciphers the Data Encryption Standard (DES), and the Advanced Encryption Standard (AES), and for hash functions the Secure Hash Algorithms SHA-1, SHA-2, and Keccak as SHA-3. Yet, modern cryptographic algorithms are designed to run on desktop/server systems, however, in resource constrained environments those conventional cryptographic standards are often inefficient or difficult to implement. Lightweight cryptography emerged from the lack of primitives that are capable of running in highly constraint but interconnected environments (i.e., sensor networks, automotive systems, RFID tags, and smart grids) the Internet of Things (IoT) in general.
This thesis presents novel advances in those areas. The research in this thesis is split in two parts, contributing to the foundations and the cryptanalysis of lightweight and efficient symmetric-key primitives.
In Part I of this thesis, we present a broad study of different design strategies of lightweight block ciphers against the security of differential cryptanalysis. Accordingly, we show that many lightweight ciphers have a significant gap between single differential trails and differentials. Furthermore, we study energy-efficient S-boxes, that are an important building block of ciphers based on substitution permutation networks. In our research, we analyse all 4-bit S-boxes and give recommendations for S-boxes with low-energy consumption that can be used in battery-powered embedded devices such as medical implants.
Part II focuses on cryptanalysis of lightweight block ciphers. First we present zero- correlation attacks on the STK construction of the Tweakey framework, by considering linear masks in the tweakey schedule. By transforming the attacks to integral attacks, we can reduce the data complexity and show attacks on the tweakable lightweight block ciphers Qarma, Skinny and Deoxys. Second, we study related- tweakey impossible differential attacks against the tweakable lightweight block cipher Skinny where we present an attacks on 23 (out of 36) rounds on Skinny-64/128. Third, we study differential attacks on reduced-round versions of the block cipher family Sparx. Sparx has recently been published and it is the first ARX-based block cipher with provable bounds against differential and linear cryptanalysis. In our work, we show truncated differential and rectangle attacks on several reduced-round versions of Sparx.
Original languageEnglish
Awarding Institution
  • Royal Holloway, University of London
  • Cid, Carlos, Supervisor
  • Paterson, Kenneth, Advisor
Award date1 May 2019
Publication statusUnpublished - 2018


  • symmetric cryptography
  • lightweight cryptography
  • Cryptography
  • Cryptanalysis
  • block cipher
  • stream ciphers
  • AES
  • Tweakable block cipher
  • differential cryptanalysis
  • linear cryptanalysis

Cite this