Design and cryptanalysis of block ciphers – BLOC

Cryptography is only one component of information security, but it is a crucial component.
Without cryptography, it would be impossible to establish secure communications between
users over insecure networks like the Internet. In particular, secret-key cryptography enables, after
having exchanged a shared master key, to establish a secure communication channel between users.

Since 30 years, the theory of cryptography has developed considerably.
However cryptography is not only a theoretical science: cryptographers
must keep in mind that the primitives they design are destined for a wide
range of platforms, from RFID tags to high-end computer workstations, on which
they must run as quickly and efficiently as possible. In particular, the last
5 years have seen the proliferation of ``lightweight'' block ciphers dedicated
to very constrained environments such as sensors and RFID tags.

Beside efficiency, security is of course the most important evaluation criterion
for a block cipher. In a departure from the traditional attack model (only dealing
with the property of pseudorandomness), a number of recent cryptanalytic results
have focused on so-called ``related-key'', ``known-key'', and ``chosen-key'' attacks,
unveiling concerning weaknesses in the key schedule of many prominent block ciphers,
especially the AES. Very few block ciphers propose security arguments taking into
account these stronger attacks, in particular no efficiently implementable one.

The BLOC project aims at taking up the challenge of proposing a block cipher
with strong security arguments regarding related-, known-, and chosen-key attacks, with
an implementation profile as lightweight as possible. This can only be achieved
by providing strong theoretical results about these new attack models and strong practical results
on the cryptanalysis of existing designs. Therefore, the main objectives of the project can be
split as follows.

First, the BLOC project aims at defining new security models
satisfactorily taking into account related-, known- and chosen-key attacks.
Once the security models are established, the BLOC project will provide
cryptographic high-level structures that could be proved secure in those new models.

Second, the BLOC project aims at carefully analyzing existing block ciphers
to convincingly assess the security level they provide against a wide range of attacks,
from classical ones to related-, known-, and chosen-key attacks. The cryptanalysis part of
the project will be particularly focused on recently proposed lightweight block ciphers.

Building on these two complementary points of view, the cornerstone of the BLOC project will be
the design of at least one block cipher taking into account the security models
and security proofs obtained in the two previous tasks, with a strong focus on the key schedule
algorithm. The proposal shall support strong security arguments regarding related-, known-, and chosen-key
attacks, and be as efficiently implementable as possible.

Finally, on a more pragmatic side, the BLOC project also aims at providing
a library of existing lightweight block ciphers for
small embedded systems such as sensorsand a complete implementation of
the block cipher designed during the project both in software and in hardware.