MISTY1 is a block cipher designed by Matsui in 1997. It is widely deployed in Japan, and is recognized internationally as an European NESSIE-recommended cipher and an ISO standard. Since its introduction, MISTY1 was subjected to extensive cryptanalytic efforts, yet no attack significantly faster than exhaustive key search is known on its full version. The best currently known attack is a higher-order differential attack presented by Tsunoo et al. in 2012 which breaks a reduced variant of MISTY1 that contains 7 of the 8 rounds and 4 of the 5 FL layers in 249.7 data and 2116.4 time. In this paper, we present improved higher-order differential attacks on reduced-round MISTY 1. Our attack on the variant considered by Tsunoo et al. requires roughly the same amount of data and only 2100.4 time (i.e., is 216 times faster). Furthermore, we present the first attack on a MISTY1 variant with 7 rounds and all 5 FL layers, requiring 251.4 data and 2121 time. To achieve our results, we use a new higher-order differential characteristic for 4-round MISTY1, as well as enhanced key recovery algorithms based on the partial sums technique.
|Title of host publication||Fast Software Encryption - 22nd International Workshop, FSE 2015, Revised Selected Papers|
|Number of pages||20|
|State||Published - 2015|
|Event||22nd International Workshop on Fast Software Encryption, FSE 2015 - Istanbul, Turkey|
Duration: 8 Mar 2015 → 11 Mar 2015
|Name||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)|
|Conference||22nd International Workshop on Fast Software Encryption, FSE 2015|
|Period||8/03/15 → 11/03/15|
Bibliographical noteFunding Information:
A. Bar-On—This research was partially supported by the Israeli Ministry of Science, Technology and Space, and by the Check Point Institute for Information Security.
© Springer International Publishing Switzerland 2015.