Improving the Efficiency of Impossible Differential Cryptanalysis of Reduced Camellia and MISTY1

Jiqiang Lu, Jongsung Kim, N. Keller, Orr Dunkelman

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

Abstract

We observe that when conducting an impossible differential cryptanalysis on Camellia and MISTY1, their round structures allow us to partially determine whether a candidate pair is useful by guessing only a small fraction of the unknown required subkey bits of a relevant round at a time, instead of guessing all of them at once. Taking advantage of the early abort technique, we improve a previous impossible differential attack on 6-round MISTY1 without the FL functions, and present impossible differential cryptanalysis of 11-round Camellia-128 without the FL functions, 13-round Camellia-192 without the FL functions and 14-round Camellia-256 without the FL functions. The presented results are better than any previously published cryptanalytic results on Camellia and MISTY1 without the FL functions.
Original languageAmerican English
Title of host publicationTopics in Cryptology – CT-RSA 2008
EditorsTal Malkin
Place of PublicationBerlin Heidelberg
PublisherSpringer
Pages370-386
Volume4964
StatePublished - 2008

Publication series

NameLecture Notes in Computer Science

Fingerprint

Dive into the research topics of 'Improving the Efficiency of Impossible Differential Cryptanalysis of Reduced Camellia and MISTY1'. Together they form a unique fingerprint.

Cite this