{"title":"Impossible Differential Cryptanalysis on Deoxys-BC-256","authors":"Alireza Mehrdad, F. Moazami, H. Soleimany","doi":"10.22042/ISECURE.2018.114245.405","DOIUrl":null,"url":null,"abstract":"Deoxys is a final-round candidate of the CAESAR competition. Deoxys is built upon an internal tweakable block cipher Deoxys-BC, where in addition to the plaintext and key, it takes an extra non-secret input called a tweak. This paper presents the first impossible differential cryptanalysis of Deoxys-BC-256 which is used in Deoxys as an internal tweakable block cipher. First, we find a 4.5-round ID characteristic by utilizing a miss-in-the-middle-approach. We then present several cryptanalysis based upon the 4.5 rounds distinguisher against round-reduced Deoxys-BC-256 in both single-key and related-key settings. Our contributions include impossible differential attacks on up to 8-round Deoxys-BC-256 in the single-key model. Our attack reaches 9 rounds in the related-key related-tweak model which has a slightly higher data complexity than the best previous results obtained by a related-key related-tweak rectangle attack presented at FSE 2018, but requires a lower memory complexity with an equal time complexity.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ISC Int. J. Inf. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.22042/ISECURE.2018.114245.405","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 11
Abstract
Deoxys is a final-round candidate of the CAESAR competition. Deoxys is built upon an internal tweakable block cipher Deoxys-BC, where in addition to the plaintext and key, it takes an extra non-secret input called a tweak. This paper presents the first impossible differential cryptanalysis of Deoxys-BC-256 which is used in Deoxys as an internal tweakable block cipher. First, we find a 4.5-round ID characteristic by utilizing a miss-in-the-middle-approach. We then present several cryptanalysis based upon the 4.5 rounds distinguisher against round-reduced Deoxys-BC-256 in both single-key and related-key settings. Our contributions include impossible differential attacks on up to 8-round Deoxys-BC-256 in the single-key model. Our attack reaches 9 rounds in the related-key related-tweak model which has a slightly higher data complexity than the best previous results obtained by a related-key related-tweak rectangle attack presented at FSE 2018, but requires a lower memory complexity with an equal time complexity.
Deoxys是CAESAR竞赛的最后一轮候选人。Deoxys是建立在一个内部可调整的分组密码Deoxys- bc之上的,除了明文和密钥之外,它还需要一个额外的非秘密输入,称为微调。本文提出了Deoxys- bc -256的第一个不可能差分密码分析,该密码分析在Deoxys中用作内部可调分组密码。首先,我们利用中间缺失方法找到4.5轮ID特征。然后,我们在单密钥和相关密钥设置下,基于4.5轮区分符对轮缩减Deoxys-BC-256进行了几个密码分析。我们的贡献包括在单密钥模型中对多达8轮Deoxys-BC-256的不可能差分攻击。我们的攻击在关联键相关调整模型中达到9轮,与FSE 2018上提出的关联键相关调整矩形攻击获得的最佳结果相比,该模型的数据复杂度略高,但在相同的时间复杂度下需要更低的内存复杂度。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
