Abstract
SMS4 is a 128-bit block cipher used in the WAPI standard for providing data confidentiality in wireless networks. In this paper we investigate and explain the origin of the S-Box employed by the cipher, show that an embedded cipher similar to BES can be obtained for SMS4 and demonstrate the fragility of the cipher design by giving variants that exhibit 264 weak keys. We also show attacks on reduced round versions of the cipher. The best practical attack we found is an integral attack that works on 10 rounds out of 32 rounds with a complexity of 218 operations; it can be extended to 13 rounds using round key guesses, resulting in a complexity of 2114 operations and a data complexity of 216 chosen pairs. © Springer-Verlag Berlin Heidelberg 2007.
Author supplied keywords
Cite
CITATION STYLE
Fen, L., Wen, J., Lei, H., Jintai, D., Shuwang, L., Pyshkin, A., & Weinmann, R. P. (2007). Analysis of the SMS4 block cipher. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4586 LNCS, pp. 158–170). https://doi.org/10.1007/978-3-540-73458-1_13
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
