The meet-in-the-middle (MitM) attack is a technique for analysing the security of a block cipher. In this paper, we propose an extension of the MitM attack, which we call the higher-order meet-in-the-middle (HO-MitM) attack; the core idea of the HO-MitM attack is to use multiple plaintexts to cancel some key-dependent component(s) or parameter(s) when constructing a basic unit of "value-in-the-middle". We introduce a novel approach, which combines integral cryptanalysis with the MitM attack, to construct HO-MitM attacks on 10-round Camellia under 128 key bits, 11-round Camellia under 192 key bits and 12-round Camellia under 256 key bits, all of which include FL/FL-1 functions. Finally, we apply an existing approach to construct HO-MitM attacks on 14-round Camellia without FL/FL-1 functions under 192 key bits and 16-round Camellia without FL/FL-1 functions under 256 key bits. © Springer-Verlag 2012.
CITATION STYLE
Lu, J., Wei, Y., Kim, J., & Pasalic, E. (2012). The higher-order meet-in-the-middle attack and its application to the Camellia block cipher (extended abstract). In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7668 LNCS, pp. 244–264). https://doi.org/10.1007/978-3-642-34931-7_15
Mendeley helps you to discover research relevant for your work.