Impossible Boomerang Attack for Block Cipher Structures

Authors:
Jiali Choy;Huihui Yap
Affiliations:
DSO National Laboratories, Singapore 118230;DSO National Laboratories, Singapore 118230
Venue:
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
Year:
2009

Citing 7
Cited 5

On the Pseudorandomness of Top-Level Schemes of Block Ciphers

ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Provable Security for the Skipjack-like Structure against Differential Cryptanalysis and Linear Cryptanalysis

ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Impossible Differential Cryptanalysis of CLEFIA

Fast Software Encryption
An Improved Impossible Differential Attack on MISTY1

ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Analysis of the SMS4 block cipher

ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Attacking reduced-round versions of the SMS4 block cipher in the Chinese WAPI standard

ICICS'07 Proceedings of the 9th international conference on Information and communications security
A related-key rectangle attack on the full KASUMI

ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security

New insights on impossible differential cryptanalysis

SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
On permutation layer of type 1, source-heavy, and target-heavy generalized feistel structures

CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Generalized Feistel networks revisited

Designs, Codes and Cryptography
A unified method for finding impossible differentials of block cipher structures

Information Sciences: an International Journal
Linear hulls with correlation zero and linear cryptanalysis of block ciphers

Designs, Codes and Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

Impossible boomerang attack [5] (IBA) is a new variant of differential cryptanalysis against block ciphers. Evident from its name, it combines the ideas of both impossible differential cryptanalysis and boomerang attack. Though such an attack might not be the best attack available, its complexity is still less than that of the exhaustive search. In impossible boomerang attack, impossible boomerang distinguishers are used to retrieve some of the subkeys. Thus the security of a block cipher against IBA can be evaluated by impossible boomerang distinguishers. In this paper, we study the impossible boomerang distinguishers for block cipher structures whose round functions are bijective. Inspired by the $\mathcal{U}$-method in [3], we provide an algorithm to compute the maximum length of impossible boomerang distinguishers for general block cipher structures, and apply the algorithm to known block cipher structures such as Nyberg's generalized Feistel network, a generalized CAST256-like structure, a generalized MARS-like structure, a generalized RC6-like structure, etc.