Camellia: A 128-Bit Block Cipher Suitable for Multiple Platforms - Design and Analysis
SAC '00 Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography
Higher Order Differential Attack of Camellia (II)
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Truncated Differential Cryptanalysis of Camellia
ICISC '01 Proceedings of the 4th International Conference Seoul on Information Security and Cryptology
Impossible differential cryptanalysis of reduced-round ARIA and Camellia
Journal of Computer Science and Technology
A Meet-in-the-Middle Attack on 8-Round AES
Fast Software Encryption
Improved Impossible Differential Cryptanalysis of Reduced-Round Camellia
Selected Areas in Cryptography
New Results on Impossible Differential Cryptanalysis of Reduced---Round Camellia---128
Selected Areas in Cryptography
Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Square like attack on camellia
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Improving the efficiency of impossible differential cryptanalysis of reduced Camellia and MISTY1
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
New impossible differential attacks of reduced-round Camellia-192 and Camellia-256
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Collision attack and pseudorandomness of reduced-round camellia
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
New impossible differential cryptanalysis of reduced-round camellia
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Hi-index | 0.00 |
This paper proposes a low data complexity attack on reduced-round block cipher Camellia. Utilizing a 7-round meet-in-the-middle distinguisher with an FL layer between the fifth and the sixth round, one can attack 12-round Camellia-256 with 219 chosen plaintexts and 2231.2 encryptions. This attack starts from the first round of Camellia-256, so as to keep the property of Camellia that inserting the FL layers every 6 rounds; it also takes the whitening keys into account. Compared with the recent proposed attacks on Camellia-256, the attack in this paper has much lower data complexity; at the same time, it is also the best attack on Camellia-256 in terms of the number of rounds and the time complexity, if one only consider the 'regular' reduced Camellia with 6 rounds before (after) the first (last) FL layer and with whitening keys.