Low data complexity attack on reduced camellia-256

Authors:
Jiazhe Chen;Leibo Li
Affiliations:
Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, School of Mathematics, Shandong University, Jinan, China, ESAT/COSIC and IBBT, KU Leuven, Belgium;Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, School of Mathematics, Shandong University, Jinan, China
Venue:
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Year:
2012

Citing 16
Cited 0

Camellia: A 128-Bit Block Cipher Suitable for Multiple Platforms - Design and Analysis

SAC '00 Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography
Higher Order Differential Attack of Camellia (II)

SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
Security of Reduced Version of the Block Cipher Camellia against Truncated and Impossible Differential Cryptanalysis

ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Truncated Differential Cryptanalysis of Camellia

ICISC '01 Proceedings of the 4th International Conference Seoul on Information Security and Cryptology
Special Feature Exhaustive Cryptanalysis of the NBS Data Encryption Standard

Computer
Impossible differential cryptanalysis of reduced-round ARIA and Camellia

Journal of Computer Science and Technology
A Meet-in-the-Middle Attack on 8-Round AES

Fast Software Encryption
Improved Impossible Differential Cryptanalysis of Reduced-Round Camellia

Selected Areas in Cryptography
New Results on Impossible Differential Cryptanalysis of Reduced---Round Camellia---128

Selected Areas in Cryptography
Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Square like attack on camellia

ICICS'07 Proceedings of the 9th international conference on Information and communications security
Improving the efficiency of impossible differential cryptanalysis of reduced Camellia and MISTY1

CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
New impossible differential attacks of reduced-round Camellia-192 and Camellia-256

ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Collision attack and pseudorandomness of reduced-round camellia

SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
New observation on camellia

SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
New impossible differential cryptanalysis of reduced-round camellia

CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper proposes a low data complexity attack on reduced-round block cipher Camellia. Utilizing a 7-round meet-in-the-middle distinguisher with an FL layer between the fifth and the sixth round, one can attack 12-round Camellia-256 with 219 chosen plaintexts and 2231.2 encryptions. This attack starts from the first round of Camellia-256, so as to keep the property of Camellia that inserting the FL layers every 6 rounds; it also takes the whitening keys into account. Compared with the recent proposed attacks on Camellia-256, the attack in this paper has much lower data complexity; at the same time, it is also the best attack on Camellia-256 in terms of the number of rounds and the time complexity, if one only consider the 'regular' reduced Camellia with 6 rounds before (after) the first (last) FL layer and with whitening keys.