Date Published: November 2020
Author(s)
Daniel J. Bernstein (University of Illinois at Chicago), Henri Gilbert (UVSQ), Meltem Sönmez Turan (NIST)
This note provides two observations on COMET, a second round candidate of the NIST lightweight cryptography standardization process. The first observation uses a long message to detect the use of weak keys, whereas the second observation focuses on the resistance of COMET against slide attacks. These observations do not invalidate the security claims of the designers
This note provides two observations on COMET, a second round candidate of the NIST lightweight cryptography standardization process. The first observation uses a long message to detect the use of weak keys, whereas the second observation focuses on the resistance of COMET against slide attacks....
See full abstract
This note provides two observations on COMET, a second round candidate of the NIST lightweight cryptography standardization process. The first observation uses a long message to detect the use of weak keys, whereas the second observation focuses on the resistance of COMET against slide attacks. These observations do not invalidate the security claims of the designers
Hide full abstract
Keywords
COMET; distinguishers; Lightweight cryptography; slide attacks; weak subkeys
Control Families
None selected