Abstract
Q is a block cipher based on Rijndael and Serpent, which was submitted as a candidate to the NESSIE project by Leslie McBride.The submission document of Q describes 12 one-round iterative characteristics with probability 2−18 each.On 7 rounds these characteristics have probability 2−126, and the author of Q claims that these are the best 7- round characteristics.W e find additional one-round characteristics that can be extended to more rounds.W e also combine the characteristics into differentials.W e present several differential attacks on the full cipher. Our best attack on the full Q with 128-bit keys (8 rounds) uses 2105 chosen plaintexts and has a complexity of 277 encryptions.Our best attack on the full Q with larger key sizes (9 rounds) uses 2125 chosen ciphertexts, and has a complexity of 296 for 192-bit keys, and 2128 for 256-bit keys.
Cite
CITATION STYLE
Biham, E., Furman, V., Misztal, M., & Rijmen, V. (2002). Differential cryptanalysis of Q. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2355, pp. 174–186). Springer Verlag. https://doi.org/10.1007/3-540-45473-X_15
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
