Institutional Repository
| weak keys of the full misty1 block cipher for related-key differential cryptanalysis | |
| Lu Jiqiang; Yap Wun-She; Wei Yongzhuang | |
| 2013 | |
| Conference Name | Cryptographers' Track at the RSA Conference 2013, CT-RSA 2013 |
| Source | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Pages | 389-404 |
| Conference Date | February 25, 2013 - March 1, 2013 |
| Conference Place | San Francisco, CA, United states |
| Indexed Type | EI |
| ISSN | 0302-9743 |
| ISBN | 9783642360947 |
| Department | (1) Institute for Infocomm Research Agency for Science Technology and Research 1 Fusionopolis Way Singapore 138632 Singapore; (2) Faculty of Information Science and Technology Multimedia University Melaka 75450 Malaysia; (3) Guilin University of Electronic Technology Guilin City Guangxi Province 541004 China; (4) State Key Laboratory of Information Security Institute of Software Chinese Academy of Sciences Beijing 100190 China |
| English Abstract | The MISTY1 block cipher has a 64-bit block length, a 128-bit user key and a recommended number of 8 rounds. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher, and an ISO international standard. Despite of considerable cryptanalytic efforts during the past fifteen years, there has been no published cryptanalytic attack on the full MISTY1 cipher algorithm. In this paper, we present a related-key differential attack on the full MISTY1 under certain weak key assumptions: We describe 2 103.57 weak keys and a related-key differential attack on the full MISTY1 with a data complexity of 261 chosen ciphertexts and a time complexity of 290.93 encryptions. For the first time, our result exhibits a cryptographic weakness in the full MISTY1 cipher (when used with the recommended 8 rounds), and shows that the MISTY1 cipher is distinguishable from an ideal cipher and thus cannot be regarded to be an ideal cipher. © 2013 Springer-Verlag.; The MISTY1 block cipher has a 64-bit block length, a 128-bit user key and a recommended number of 8 rounds. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher, and an ISO international standard. Despite of considerable cryptanalytic efforts during the past fifteen years, there has been no published cryptanalytic attack on the full MISTY1 cipher algorithm. In this paper, we present a related-key differential attack on the full MISTY1 under certain weak key assumptions: We describe 2 103.57 weak keys and a related-key differential attack on the full MISTY1 with a data complexity of 261 chosen ciphertexts and a time complexity of 290.93 encryptions. For the first time, our result exhibits a cryptographic weakness in the full MISTY1 cipher (when used with the recommended 8 rounds), and shows that the MISTY1 cipher is distinguishable from an ideal cipher and thus cannot be regarded to be an ideal cipher. © 2013 Springer-Verlag. |
| Keyword | Lyapunov Methods Security Of Data |
| Language | 英语 |
| Content Type | 会议论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/15898 |
| Collection | 中国科学院软件研究所 |
| Recommended Citation GB/T 7714 | Lu Jiqiang,Yap Wun-She,Wei Yongzhuang. weak keys of the full misty1 block cipher for related-key differential cryptanalysis[C],2013:389-404. |
| Files in This Item: | There are no files associated with this item. | |||||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment