Abstract
This paper describes truncated and impossible differential cryptanalysis of the 128-bit block cipher Camellia, which was proposed by NTT and Mitsubishi Electric Corporation. Our work improves on the best known truncated and impossible differential cryptanalysis. As a result, we show a nontrivial 9-round byte characteristic, which may lead to a possible attack of reduced-round version of Camellia without input/output whitening, FL or FL-1 in a chosen plain text scenario. Previously, only 6-round differentials were known, which may suggest a possible attack of Camellia reduced to 8-rounds. Moreover, we show a nontrivial 7-round impossible differential, whereas only a 5-round impossible differential was previously known. This cryptanalysis is effective against general Feistel structures with round functions composed of S-D (Substitution and Diffusion) transformation.
Author supplied keywords
Cite
CITATION STYLE
Sugita, M., Kobara, K., & Imai, H. (2001). Security of reduced version of the block cipher camellia against truncated and impossible differential cryptanalysis. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2248, pp. 193–207). Springer Verlag. https://doi.org/10.1007/3-540-45682-1_12
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
