Algebraic Cryptanalysis of STARK-Friendly Designs: Application to MARVELlous and MiMC

Martin R. Albrecht, Carlos Cid, Lorenzo Grassi, Dmitry Khovratovich, Reinhard Lüftenegger, Christian Rechberger, Markus Schofnegger

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The block cipher Jarvis and the hash function Friday, both members of the MARVELlous family of cryptographic primitives, were recently proposed as custom designs aimed at addressing bottlenecks involving practical applications of STARKs. In the proposal several types of algebraic attacks were ruled out, and security arguments from Rijndael/AES were used to inform the choice for the number of rounds, with extra security margin added. In this work we describe new algebraic attacks on Jarvis and Friday using Gröbner bases, showing that the proposed number of rounds is not sufficient to provide security. In Jarvis, the round function is obtained by combining a finite field inversion S-box with a full-degree linearised permutation polynomial. However, we show that even though the high degree of this polynomial should prevent some algebraic attacks (as claimed by the designers), their particular algebraic properties make the designs vulnerable to Gröbner basis attacks. Our analysis illustrates that block cipher designs for algebraic platforms such as STARKs, FHE or MPC may be particularly vulnerable to algebraic attacks. Finally, we argue that MiMC -- a cipher similar in structure to Jarvis -- is resistant against our proposed attack strategy.
Original languageEnglish
Title of host publicationAdvances in Cryptology - ASIACRYPT 2019
Place of PublicationCham
PublisherSpringer
Pages371-397
ISBN (Print)978-3-030-34617-
DOIs
Publication statusPublished - 2019
EventASIACRYPT 2019 - Kobe, Japan
Duration: 8 Dec 201912 Dec 2019

Publication series

NameLecture Notes in Computer Science
Volume11923

Conference

ConferenceASIACRYPT 2019
CountryJapan
CityKobe
Period8/12/1912/12/19

Keywords

  • Gröbner Basis
  • MARVELlous
  • Jarvis
  • Friday
  • MiMC
  • STARKs
  • Algebraic Cryptanalysis
  • Arithmetic Circuits

Fingerprint Dive into the research topics of 'Algebraic Cryptanalysis of STARK-Friendly Designs: Application to MARVELlous and MiMC'. Together they form a unique fingerprint.

  • Activities

    • 1 Talk at conference or symposium

    Algebraic Cryptanalysis of STARK-Friendly Designs: Application to MARVELlous and MiMC

    Reinhard Lüftenegger (Speaker)
    19 Dec 2019

    Activity: Talk or presentationTalk at conference or symposiumScience to science

    Cite this

    Albrecht, M. R., Cid, C., Grassi, L., Khovratovich, D., Lüftenegger, R., Rechberger, C., & Schofnegger, M. (2019). Algebraic Cryptanalysis of STARK-Friendly Designs: Application to MARVELlous and MiMC. In Advances in Cryptology - ASIACRYPT 2019 (pp. 371-397). (Lecture Notes in Computer Science; Vol. 11923). Cham: Springer. https://doi.org/10.1007/978-3-030-34618-8_13