Institutional Repository
| weak keys of the full misty1 block cipher for related-key differential cryptanalysis | |
| Lu Jiqiang; Yap Wun-She; Wei Yongzhuang | |
| 2013 | |
| 会议名称 | Cryptographers' Track at the RSA Conference 2013, CT-RSA 2013 |
| 会议录名称 | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| 页码 | 389-404 |
| 会议日期 | February 25, 2013 - March 1, 2013 |
| 会议地点 | San Francisco, CA, United states |
| 收录类别 | EI |
| ISSN | 0302-9743 |
| ISBN | 9783642360947 |
| 部门归属 | (1) Institute for Infocomm Research Agency for Science Technology and Research 1 Fusionopolis Way Singapore 138632 Singapore; (2) Faculty of Information Science and Technology Multimedia University Melaka 75450 Malaysia; (3) Guilin University of Electronic Technology Guilin City Guangxi Province 541004 China; (4) State Key Laboratory of Information Security Institute of Software Chinese Academy of Sciences Beijing 100190 China |
| 摘要 | The MISTY1 block cipher has a 64-bit block length, a 128-bit user key and a recommended number of 8 rounds. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher, and an ISO international standard. Despite of considerable cryptanalytic efforts during the past fifteen years, there has been no published cryptanalytic attack on the full MISTY1 cipher algorithm. In this paper, we present a related-key differential attack on the full MISTY1 under certain weak key assumptions: We describe 2 103.57 weak keys and a related-key differential attack on the full MISTY1 with a data complexity of 261 chosen ciphertexts and a time complexity of 290.93 encryptions. For the first time, our result exhibits a cryptographic weakness in the full MISTY1 cipher (when used with the recommended 8 rounds), and shows that the MISTY1 cipher is distinguishable from an ideal cipher and thus cannot be regarded to be an ideal cipher. © 2013 Springer-Verlag.; The MISTY1 block cipher has a 64-bit block length, a 128-bit user key and a recommended number of 8 rounds. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher, and an ISO international standard. Despite of considerable cryptanalytic efforts during the past fifteen years, there has been no published cryptanalytic attack on the full MISTY1 cipher algorithm. In this paper, we present a related-key differential attack on the full MISTY1 under certain weak key assumptions: We describe 2 103.57 weak keys and a related-key differential attack on the full MISTY1 with a data complexity of 261 chosen ciphertexts and a time complexity of 290.93 encryptions. For the first time, our result exhibits a cryptographic weakness in the full MISTY1 cipher (when used with the recommended 8 rounds), and shows that the MISTY1 cipher is distinguishable from an ideal cipher and thus cannot be regarded to be an ideal cipher. © 2013 Springer-Verlag. |
| 关键词 | Lyapunov Methods Security Of Data |
| 语种 | 英语 |
| 内容类型 | 会议论文 |
| URI标识 | http://ir.iscas.ac.cn/handle/311060/15898 |
| 专题 | 中国科学院软件研究所 |
| 推荐引用方式 GB/T 7714 | Lu Jiqiang,Yap Wun-She,Wei Yongzhuang. weak keys of the full misty1 block cipher for related-key differential cryptanalysis[C],2013:389-404. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论