Related-Key Differential Attacks on Reduced-Round LBlock

LBlock, as one of the typical lightweight encryption schemes, is a 32-round block cipher with 64 bit block and 80 bit master key. It can be widely applied in the IoT environment because of its friendly software and hardware implementations. Since it came out, it has encountered many attacks. In this paper, we evaluate LBlock’s ability against related-key differential attack more accurately based on SMT method. On the one hand, we propose tighter lower bounds on the minimal number of active S-boxes for up to 19 rounds of LBlock, which are 8 more rounds than previous ones. Then, we propose the upper bounds of total probabilities for up to 19 rounds of LBlock for the first time. On the other hand, with a suitable 17-round related-key differential distinguisher, we propose attacks on 22- and 23-round LBlock. Each of these attacks has lower time complexity and data complexity than previous ones for the same rounds of LBlock.