Kara, Orhun

Name Variants: Kara, O.; Kara, O
Email Address: orhunkara@iyte.edu.tr
Main Affiliation: 04.02. Department of Mathematics
Status: Current Staff

Sustainable Development Goals
Affordable and Clean Energy: 1 research product (all other goals: 0 research products)
Documents: 25
Citations: 148
h-index: 7
Documents: 0
Citations: 0
Scholarly Output: 12
Articles: 6
Views / Downloads: 10580/728
Supervised MSc Theses: 0
Supervised PhD Theses: 0
WoS Citation Count: 13
Scopus Citation Count: 22
Patents: 0
Projects: 1
WoS Citations per Publication: 1.08
Scopus Citations per Publication: 1.83
Open Access Source: 6
Supervised Theses: 0

Journals (document count)
Security of Ubiquitous Computing Systems: Selected Topics (2)
IEEE Transactions on Information Forensics and Security (2)
Cryptologia (1)
Designs, Codes, and Cryptography (1)
IEEE Access (1)

Scholarly Output Search Results

Now showing 1 - 10 of 12
  • Article
    Citation - WoS: 1
    Citation - Scopus: 2
    New Security Proofs and Complexity Records for Advanced Encryption Standard
    (IEEE-Inst Electrical Electronics Engineers Inc, 2023) Kara, Orhun
    Common block ciphers like AES, specified by NIST, or KASUMI (A5/3) of GSM are extensively utilized by billions of individuals globally to protect their privacy and maintain confidentiality in daily communications. However, these ciphers lack comprehensive security proofs against the vast majority of known attacks. Currently, security proofs are limited to differential and linear attacks for both AES and KASUMI. For instance, the consensus on the security of AES is not based on formal mathematical proofs but on intensive cryptanalysis over its reduced rounds spanning several decades. In this work, we introduce new security proofs for AES against another attack method: impossible differential (ID) attacks. We classify ID attacks as reciprocal and nonreciprocal ID attacks. We show that sharp and generic lower bounds can be imposed on the data complexities of reciprocal ID attacks on substitution permutation networks. We prove that the minimum data required for a reciprocal ID attack on AES using a conventional ID characteristic is $2^{66}$ chosen plaintexts, whereas a nonreciprocal ID attack involves at least $2^{88}$ computational steps. We mount a nonreciprocal ID attack on 6-round AES for 192-bit and 256-bit keys, which requires only $2^{18}$ chosen plaintexts and outperforms the data complexity of any attack. Given its marginal time complexity, this attack does not pose a substantial threat to the security of AES. However, we have made enhancements to the integral attack on 6-round AES, thereby surpassing the longstanding record for the most efficient attack after a period of 23 years.
  • Article
    Citation - Scopus: 1
    Lower Data Attacks on Advanced Encryption Standard
    (Turkiye Klinikleri, 2024) Kara, Orhun
    The Advanced Encryption Standard (AES) is one of the most commonly used and analyzed encryption algorithms. In this work, we present new combinations of some prominent attacks on AES, achieving new records in data requirements among attacks, utilizing only $2^4$ and $2^{16}$ chosen plaintexts (CP) for 6-round and 7-round AES-192/256, respectively. One of our attacks is a combination of a meet-in-the-middle (MiTM) attack with a square attack mounted on 6-round AES-192/256, while another attack combines an MiTM attack and an integral attack, utilizing the key space partitioning technique, on 7-round AES-192/256. Moreover, we illustrate that impossible differential (ID) attacks can be viewed as the dual of MiTM attacks in certain aspects, which enables us to recover the correct key using the meet-in-the-middle (MiTM) technique instead of sieving through all potential wrong keys in our ID attack. Furthermore, we introduce the constant guessing technique in the inner rounds, which significantly reduces the number of key bytes to be searched. The time and memory complexities of our attacks remain marginal.
  • Article
    Citation - WoS: 2
    Square Impossible Differential Attack and Security of AES in Known Plaintext Scenario
    (Taylor & Francis inc, 2024) Kara, Orhun
    In this work, we examine the security of the 8-round AES under the known plaintext attack scenario, a type of cryptographic attack in which an attacker has access to the plaintext and corresponding ciphertext pairs. We present an innovative impossible differential (ID) attack technique, which utilizes a specific ID characteristic, to perform the first known plaintext attack on the 8-round AES with a 256-bit key. Additionally, we propose a new attack methodology, known as the Square Impossible Differential (SID) attack, to enhance the effectiveness of the ID attacks on AES in chosen ciphertext or plaintext scenarios. The SID attack is a combination of a square attack and an ID attack. Our methodology introduces various new approaches, including the key indicator vectors, eliminating the key candidate through the Meet-in-The-Middle technique and mounting the guess and determine attack through the hash tables for the two-round decryption of one column of AES while determining the subkeys constituting the impossible differential characteristic for a given plaintext/ciphertext difference pair. Our approach demonstrates lower computational complexity compared to previous methods, and our analysis shows that the complexities of our known plaintext attack and SID attack are estimated to be $2^{220}$ and $2^{209}$, respectively.
  • Conference Object
    A 10-Round Attack on Midori-64
    (Institute of Electrical and Electronics Engineers Inc., 2025) Balikci, C.; Kara, O.
    Midori is a lightweight block cipher introduced by Banik et al. at ASIACRYPT 2015. It comes in two variants: Midori-64, which has a 64-bit state with 16 rounds, and Midori128, which has a 128-bit state with 20 rounds. Both use a 128-bit key. In this work, we present the first truncated differential attack on Midori-64. We construct a 6-round truncated differential by precisely computing the propagation probabilities of specific truncated differences through the cipher's matrix multiplication layer, as well as identifying the positions they may occupy. We also determine its exact probability, with a ratio of approximately 1.85 compared to a random permutation. Using this distinguisher, we mount the first known truncated differential attack on 10-round Midori-64. Although our attack does not compromise the full-round cipher, it ranks among the most effective known attacks on reduced-round Midori. © 2025 IEEE.
  • Book Part
    Citation - Scopus: 10
    Catalog and Illustrative Examples of Lightweight Cryptographic Primitives
    (Springer International Publishing, 2021) Mileva, A.; Dimitrova, V.; Kara, O.; Mihaljević, M.J.
    The main objective of this chapter is to offer to practitioners, researchers and all interested parties a brief categorized catalog of existing lightweight symmetric primitives with their main cryptographic features, ultimate hardware performance, and existing security analysis, so they can easily compare the ciphers or choose some of them according to their needs. Certain security evaluation issues have been addressed as well. In particular, the reason behind why modern lightweight block cipher designs have in the last decade overwhelmingly dominated stream cipher design is analyzed in terms of security against tradeoff attacks. It turns out that it is possible to design stream ciphers having much smaller internal states. © The Editor(s) (if applicable) and The Author(s) 2021.
  • Article
    Citation - WoS: 2
    Citation - Scopus: 3
    Integral Characteristics by Keyspace Partitioning
    (Springer, 2022) Demirbaş, Fatih; Kara, Orhun
    In this work, we introduce a new method we call integral by keyspace partitioning to construct integral characteristics for some block ciphers by introducing new integral properties. We introduce the concepts of active with constant difference and identically active integral properties. Then, we divide the key space into equivalence classes and construct integral characteristics for each equivalence class individually by using these integral properties. We exploit the binary diffusion layer and key schedule algorithm of a block cipher to propagate these integral properties through rounds. We apply the new method to the Byte-oriented Substitution-Permutation Network (BSPN) cipher and Midori64 to show its effectiveness. We construct the first iterative integral characteristic for a block cipher to the best of our knowledge. We extend this iterative characteristic for the (M, n)-BSPN block cipher, where each block of BSPN contains M n×n S-Boxes with the block and key sizes M·n. Using at most $\binom{M-1}{2}+1$ (only 106 when M = 16) chosen plaintexts, we mount key recovery attacks for the first time on BSPN and recover the key for the full round. The time complexity of the key recovery is almost independent of the number of rounds. We also use our method to construct an integral characteristic for Midori64, which can be utilized for a key recovery attack on 11-round Midori64. Our results impose a new security criterion for the design of the key schedule algorithm for some block ciphers.
  • Article
    Citation - WoS: 1
    Citation - Scopus: 1
    Plaintext Recovery and Tag Guessing Attacks on Authenticated Encryption Algorithm COLM
    (Elsevier, 2022) Ulusoy, Sırrı Erdem; Kara, Orhun; Efe, Mehmet Önder
    There are three main approaches related to cryptanalysis of Authenticated Encryption with Associated Data (AEAD) algorithms: simulating the encryption oracle (universal forgery attack), simulating the decryption oracle (plaintext recovery attack) and producing the valid tag of a given ciphertext (tag guessing attack). In this work, we analyze the security of COLM under these approaches. COLM is one of the AEAD algorithms chosen in the final portfolio for the defense-in-depth use case of the CAESAR competition. The ciphers in this portfolio are supposed to provide robust security with their multiple layered defense mechanisms. The main motivation of this work is to examine whether COLM indeed satisfies defense-in-depth security. We cryptanalyze COLM, particularly in the chosen ciphertext attack (CCA) scenario, once its secret whitening parameter $L = E_K(0)$ is recovered. To the best of our knowledge, we give the first example of querying an EME/EMD (Encrypt-Linear-Mix-Encrypt/Decrypt) AEAD scheme in its decryption direction for arbitrary ciphertexts not produced previously by the oracle, namely either a forgery or a tag guessing attack. We construct SEBC/SDBC (Simulation models of the Encryption/Decryption oracles of the underlying Block Cipher) of COLM, thereby forming the first examples of these models of an authenticated EME scheme simultaneously. The combination of our SEBC/SDBC is a powerful tool to mount a universal forgery attack, a tag guessing attack and a plaintext recovery attack. All of these attacks have polynomial time complexities once L is recovered in the offline phase, indicating that the security of COLM against plaintext recovery and tag guessing attacks is limited by the birthday bound. Apart from exploiting SEBC/SDBC, we mount a pair of plaintext recovery attacks and another universal forgery attack. Finally, we make some suggestions to prevent our attacks.
  • Correction
    Citation - WoS: 1
    A New Construction Method for Keystream Generators (vol 18, Pg 3735, 2023)
    (IEEE-Inst Electrical Electronics Engineers Inc, 2024) Gul, Cagdas; Kara, Orhun
    The authors would like to extend their apologies for the inadvertent inclusion of an erroneous index of the matrix $M$ for DIZY-80 in [1]. We sincerely regret any inconvenience caused by this typographical error and appreciate the chance to rectify it.
  • Book Part
    Selected Design and Analysis Techniques for Contemporary Symmetric Encryption
    (Springer International Publishing, 2021) Mikhalev, V.; Mihaljević, M.J.; Kara, O.; Armknecht, F.
    In this chapter we provide an overview of selected methods for the design and analysis of symmetric encryption algorithms that have recently been published. We start by discussing the practical advantages, limitations and security of the keystream generators with keyed update functions which were proposed for reducing the area cost of stream ciphers. Then we present an approach to enhancing the security of certain encryption schemes by employing a universal homophonic coding and randomized encryption paradigm. © The Editor(s) (if applicable) and The Author(s) 2021.
  • Conference Object
    Differential and Linear Analyses of DIZY Through MILP Modeling
    (Springer Science and Business Media Deutschland GmbH, 2026) İlter, M.B.; Koçak, O.; Kara, O.; Sulak, F.
    In this work, we present the first independent security analysis of DIZY, a recently proposed ultra-lightweight stream cipher with two variants: DIZY-80 and DIZY-128. Our analysis focuses on DIZY's resistance to linear and differential cryptanalysis. We employ a formal technique known as Mixed Integer Linear Programming (MILP), which enables us to model the internal structure of DIZY and search for characteristics that describe how XOR differences or linear masks propagate through the cipher. Specifically, we construct such characteristics to evaluate how many S-boxes become "active" during keystream generation, as this number directly affects the cipher's resistance to these attacks. Contrary to the designers' claim that any linear or differential characteristic over 8 rounds must involve at least 20 active S-boxes in DIZY-80 and 22 in DIZY-128, we identify characteristics with only 18 differentially or linearly active S-boxes and 20 linearly active S-boxes, respectively. We mount two distinguishing attacks on each cipher. Our 3-round linear distinguishing attack requires $2^{23}$ bits of keystream, while the 4-round version requires $2^{35}$ bits for DIZY-128 and DIZY-80, respectively. Our 2-round differential resynchronization attacks succeed using only the first four bytes of keystream data from approximately $2^{30}$ and $2^{26}$ different initializations with chosen initialization vectors (IVs) for DIZY-128 and DIZY-80, respectively. While these attacks do not compromise the full 15-round version of the cipher, they provide valuable insights into the design of DIZY and contribute to a deeper understanding of the security requirements of its diffusion layer. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2026.