New types of cryptanalytic attacks using related keys
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
On MISTY1 Higher Order Differential Cryptanalysis
ICISC '00 Proceedings of the Third International Conference on Information Security and Cryptology
Key-Schedule Cryptoanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Cryptanalysis of Reduced-Round MISTY
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
New Block Encryption Algorithm MISTY
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Improved Cryptanalysis of MISTY1
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
An Improved Impossible Differential Attack on MISTY1
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Weak-Key Classes of 7-Round MISTY 1 and 2 for Related-Key Amplified Boomerang Attacks
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Higher Order Differential Attacks on Reduced-Round MISTY1
Information Security and Cryptology --- ICISC 2008
Distinguisher and Related-Key Attack on the Full AES-256
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Improved Integral Attacks on MISTY1
Selected Areas in Cryptography
Markov ciphers and differential cryptanalysis
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Improving the efficiency of impossible differential cryptanalysis of reduced Camellia and MISTY1
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Weak-Key class of MISTY1 for related-key differential attack
Inscrypt'11 Proceedings of the 7th international conference on Information Security and Cryptology
Differential attack on nine rounds of the SEED block cipher
Information Processing Letters
| Hi-index | 0.00 |
The MISTY1 block cipher has a 64-bit block length, a 128-bit user key and a recommended number of 8 rounds. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher, and an ISO international standard. Despite of considerable cryptanalytic efforts during the past fifteen years, there has been no published cryptanalytic attack on the full MISTY1 cipher algorithm. In this paper, we present a related-key differential attack on the full MISTY1 under certain weak key assumptions: We describe 2103.57 weak keys and a related-key differential attack on the full MISTY1 with a data complexity of 261 chosen ciphertexts and a time complexity of 290.93 encryptions. For the first time, our result exhibits a cryptographic weakness in the full MISTY1 cipher (when used with the recommended 8 rounds), and shows that the MISTY1 cipher is distinguishable from an ideal cipher and thus cannot be regarded to be an ideal cipher.