Impossible differential cryptanalysis of reduced–round Camellia–256

Access Full Text

Impossible differential cryptanalysis of reduced–round Camellia–256

For access to this article, please select a purchase option:

Buy article PDF
£12.50
(plus tax if applicable)
Add to cart
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)
Add to cart

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Name:*
Email:*
Your details
Name:*
Email:*
Department:*
Why are you recommending this title?
Select reason:
 
 
 
 
 
IET Information Security — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

© The Institution of Engineering and Technology
Published

Camellia, a 128-bit block cipher that has been accepted by ISO/IEC as an international standard, is increasingly being used in many cryptographic applications. In this study, the authors present a new impossible differential attack on a reduced version of Camellia-256 without FL/FL−1 functions and whitening. First, the authors introduce a new extension of the hash table technique and then exploit it to attack 16 rounds of Camellia-256. When, in an impossible differential attack, the size of the target subkey space is large and the filtration, in the initial steps of the attack, is performed slowly, the extended hash table technique will be very useful. The proposed attack on Camellia-256 requires 2124.1 known plaintexts and has a running time equivalent to about 2249.3 encryptions. In terms of the number of attacked rounds, our result is the best published attack on Camellia-256.

Inspec keywords: ISO standards; IEC standards; cryptography

Other keywords: cryptography; reduced-round Camellia-256 cipher; extended hash table technique; encryption; filtration; ISO international standard; differential cryptanalysis; impossible differential attack; block cipher; IEC international standard

Subjects: Cryptography theory; Data security; Cryptography

References

    1. 1)
      • Hatano, Y., Sekine, H., Kaneko, T.: `Higher order differential attack of camellia (II)', SAC 2002, p. 129–146, 2002, (LNCS, 2595).
    2. 2)
    3. 3)
      • Biham, E., Biryukov, A., Shamir, A.: `Cryptanalysis of skipjack reduced to 31 rounds using impossible differentials', EUROCRYPT 1999, p. 12–23, 1999, (LNCS, 1592).
    4. 4)
      • Mala, H., Shakiba, M., Dakhilalian, M., Bagherikaram, G.: `New results on impossible differential cryptanalysis of reduced-round Camellia-128', SAC 2009, p. 281–294, 2009, (LNCS, 5867).
    5. 5)
      • Yeom, Y., Park, S., Kim, I.: `On the security of Camellia against the square attack', FSE 2002, p. 89–99, 2002, (LNCS, 2365).
    6. 6)
      • Shirai, T.: `Differential, linear, boomerang and rectangle cryptanalysis of reduced-round Camellia', Proc. Third NESSIE Workshop, November 2002.
    7. 7)
      • Lei, D., Chao, L., Feng, K.: `New observation on Camellia', SAC 2005, p. 51–64, 2005, (LNCS, 3897).
    8. 8)
      • Lu, J., Kim, J., Keller, N., Dunkelman, O.: `Improving the efficiency of impossible differential cryptanalysis of reduced Camellia and MISTY1', CT–RSA 2008, p. 370–386, 2008, (LNCS, 4964).
    9. 9)
      • K. Aoki , T. Ichikawa , M. Kanda . Specification of Camellia – a 128-bit block cipher.
    10. 10)
      • Lee, S., Hong, S., Lee, S., Lim, J., Yoon, S.: `Truncated differential cryptanalysis of Camellia', ICISC 2001, p. 32–38, 2001, (LNCS, 2288).
    11. 11)
      • Duo, L., Li, C., Feng, K.: `Square like attack on Camellia', ICISC 2007, p. 269–283, 2007, (LNCS, 4861).
    12. 12)
      • W. Wu , D. Feng , H. Chen . Collision attack and pseudorandomness of reduced-round Camellia.
    13. 13)
      • Kanda, M., Matsumoto, T.: `Security of Camellia against truncated differential cryptanalysis', FSE 2001, p. 119–137, 2001, (LNCS, 2355).
    14. 14)
      • Sugita, M., Kobara, K., Imai, H.: `Security of reduced version of the block cipher Camellia against truncated and impossible differential cryptanalysis', ASIACRYPT 2001, p. 193–207, 2001, (LNCS, 2248), Heidelberg, 2001.
    15. 15)
      • Wu, W., Zhang, L., Zhang, W.: `Improved impossible differential cryptanalysis of reduced-round Camellia', SAC 2008, p. 442–456, 2008, (LNCS, 5381).
    16. 16)
      • Aoki, K., Ichikawa, T., Kanda, M.: `Camellia: a 128-bit block cipher suitable for multiple platforms – design and analysis', SAC 2000, p. 39–56, 2000, (LNCS, 2012).
    17. 17)
      • Lu, J.: `Cryptanalysis of block ciphers', 2008, PhD, University of London, Department of Mathematics, Royal Holloway, England.
    18. 18)
      • International Standard – ISO/IEC 18033-3: ‘Information technology – security techniques – encryption algorithms – Part 3: Block ciphers’, July 2005.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2010.0094
Loading

Related content

content/journals/10.1049/iet-ifs.2010.0094
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading