Analysis of the SMS4 block cipher

Authors:
Fen Liu;Wen Ji;Lei Hu;Jintai Ding;Shuwang Lv;Andrei Pyshkin;Ralf-Philipp Weinmann
Affiliations:
State Key Laboratory of Information Security, Graduate School of Chinese Academy of Sciences, Beijing, China;State Key Laboratory of Information Security, Graduate School of Chinese Academy of Sciences, Beijing, China;State Key Laboratory of Information Security, Graduate School of Chinese Academy of Sciences, Beijing, China;Department of Mathematical Sciences, University of Cincinnati, Cincinnati, OH;State Key Laboratory of Information Security, Graduate School of Chinese Academy of Sciences, Beijing, China;Fachbereich Informatik, Technische Universität Darmstadt, Darmstadt, Germany;Fachbereich Informatik, Technische Universität Darmstadt, Darmstadt, Germany
Venue:
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Year:
2007

Citing 7
Cited 16

Essential Algebraic Structure within the AES

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
In How Many Ways Can You Write Rijndael?

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Unbalanced Feistel Networks and Block Cipher Design

Proceedings of the Third International Workshop on Fast Software Encryption
The Block Cipher Square

FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Integral Cryptanalysis

FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
A toolbox for cryptanalysis: linear and affine equivalence algorithms

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Generic attacks on unbalanced feistel schemes with contracting functions

ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security

Cryptanalysis of Reduced-Round SMS4 Block Cipher

ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Analysis of Two Attacks on Reduced-Round Versions of the SMS4

ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Differential fault analysis on the contracting UFN structure, with application to SMS4 and MacGuffin

Journal of Systems and Software
Some New Observations on the SMS4 Block Cipher in the Chinese WAPI Standard

ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Cryptographic Properties and Application of a Generalized Unbalanced Feistel Network Structure

ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Impossible Boomerang Attack for Block Cipher Structures

IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
Saturation Attack on the Block Cipher HIGHT

CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
New description of SMS4 by an embedding over GF(28)

INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Attacking reduced-round versions of the SMS4 block cipher in the Chinese WAPI standard

ICICS'07 Proceedings of the 9th international conference on Information and communications security
Some results on cryptanalysis of SMS4 block cipher

International Journal of Applied Cryptography
Algebraic cryptanalysis of SMS4: gröbner basis attack and SAT attack compared

ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Differential Fault Analysis on SMS4 using a single fault

Information Processing Letters
Linearity within the SMS4 block cipher

Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Security of the SMS4 block cipher against differential cryptanalysis

Journal of Computer Science and Technology - Special issue on natural language processing
Cryptographic properties and application of a Generalized Unbalanced Feistel Network structure

Cryptography and Communications
Extending higher-order integral: an efficient unified algorithm of constructing integral distinguishers for block ciphers

ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

SMS4 is a 128-bit block cipher used in the WAPI standard for providing data confidentiality in wireless networks. In this paper we investigate and explain the origin of the S-Box employed by the cipher, show that an embedded cipher similar to BES can be obtained for SMS4 and demonstrate the fragility of the cipher design by giving variants that exhibit 264 weak keys. We also show attacks on reduced round versions of the cipher. The best practical attack we found is an integral attack that works on 10 rounds out of 32 rounds with a complexity of 218 operations; it can be extended to 13 rounds using round key guesses, resulting in a complexity of 2114 operations and a data complexity of 216 chosen pairs.