Cryptanalysis of TWIS block cipher

Authors:
Onur Koçak;Neşe Öztop
Affiliations:
Institute of Applied Mathematics, Middle East Technical University, Turkey;Institute of Applied Mathematics, Middle East Technical University, Turkey
Venue:
WEWoRC'11 Proceedings of the 4th Western European conference on Research in Cryptology
Year:
2011

Citing 10
Cited 0

Differential Cryptanalysis of DES-like Cryptosystems

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Miss in the Middle Attacks on IDEA and Khufu

FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Grain: a stream cipher for constrained environments

International Journal of Wireless and Mobile Computing
PRESENT: An Ultra-Lightweight Block Cipher

CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
KATAN and KTANTAN -- A Family of Small and Efficient Hardware-Oriented Block Ciphers

CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
TWIS --- A Lightweight Block Cipher

ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Full-round differential attack on TWIS block cipher

WISA'10 Proceedings of the 11th international conference on Information security applications
SP 800-67 Rev. 1. Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher

SP 800-67 Rev. 1. Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher
The 128-bit blockcipher CLEFIA

FSE'07 Proceedings of the 14th international conference on Fast Software Encryption

Quantified Score

Hi-index	0.00

Visualization

Abstract

TWIS is a 128-bit lightweight block cipher that is proposed by Ojha et al. In this work, we analyze the security of the cipher against differential and impossible differential attacks. For the differential case, we mount a full-round attack on TWIS and recover 12 bits of the 32-bit final subkey with 221 complexity. For the impossible differential, we present a distinguisher which can be extended to a key recovery attack. Also, we showed that the security of the cipher is only 54 bits instead of claimed 128 bits. Moreover, we introduce some observations that compromise the security of the cipher.