Skip to main content
Conference ProceedingsOPEN ACCESS

Differential-Linear cryptanalysis of ICEPOLE

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2015) 9054 243-263
DOI: 10.1007/978-3-662-48116-5_12
20Citations
Citations of this article
33Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

ICEPOLE is a CAESAR candidate with the intermediate level of robustness under nonce misuse circumstances in the original document. In particular, it was claimed that key recovery attack against ICEPOLE is impossible in the case of nonce misuse. ICEPOLE is strong against the differential cryptanalysis and linear cryptanalysis. In this paper, we developed the differential-linear attacks against ICEPOLE when nonce is misused. Our attacks show that the state of ICEPOLE–128 and ICEPOLE– 128a can be recovered with data complexity 246 and time complexity 246; the state of ICEPOLE–256a can be recovered with data complexity 260 and time complexity 260 For ICEPOLE–128a and ICEPOLE–256a, the secret key is recovered once the state is recovered. We experimentally verified the attacks against ICEPOLE–128 and ICEPOLE–128a.

Author supplied keywords

Cite

CITATION STYLE

APA

Huang, T., Tjuawinata, I., & Wu, H. (2015). Differential-Linear cryptanalysis of ICEPOLE. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9054, pp. 243–263). Springer Verlag. https://doi.org/10.1007/978-3-662-48116-5_12

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free