RESEARCH ARTICLE

Security research with Square attack to a variant Camellia cipher

  • Xiangyang XU , 1 ,
  • Guangsheng ZHANG 2
Expand
  • 1. Department of Computer Science and Technology, Changsha University, Changsha 410003, China
  • 2. School of Computer, National University of Defense Technology, Changsha 410073, China

Received date: 23 Jan 2010

Accepted date: 14 May 2010

Published date: 05 Dec 2010

Copyright

2014 Higher Education Press and Springer-Verlag Berlin Heidelberg

Abstract

This paper investigates the relation between the choice of S-boxes and Square attack. A variant Camellia, which uses only a single S-box instead of four, is proposed. The security of the variant Camellia against Square attack is studied in detail. Result shows that it needs only 28 chosen plaintexts to recover a byte of the 6th round-key of variant Camellias, while the original Camellia needs either 28 chosen plaintexts to recover a byte of the 6th round-key and a byte of some constant or 216 chosen plaintexts to recover a byte of the 6th round-key. Furthermore, Square attacks on other round-reduced variant Camellia are proposed, and the time complexity of 11-round attack is reduced from 2250 to 2225.5. The weaker variant Camellia indicates that the choice of S-box and the order of different S-boxes have influence on Square attack.

Cite this article

Xiangyang XU , Guangsheng ZHANG . Security research with Square attack to a variant Camellia cipher[J]. Frontiers of Electrical and Electronic Engineering, 2010 , 5(4) : 482 -487 . DOI: 10.1007/s11460-010-0095-x

Acknowledgements

This work was supported by the Planned Science and Technology Project of Hunan Province of China (Grant No. 2010GK3063 ) and A Project Supported by Scientific Research Fund of Hunan Provincial Education Department.
1
Daemen J, Knudsen L R, Rijmen V. The block cipher Square. In: Proceedings of the 4th International Workshop on Fast Software Encryption. Lecture Notes in Computer Science, 1997, 1267: 149–165

2
Lucks S. The saturation attack—a bait for Twofish. In: Proceedings of the 8th International Workshop on Fast Software Encryption. Lecture Notes in Computer Science, 2002, 2355: 1–15

3
Biryukov A, Shamir A. Structural cryptanalysis of SASAS. In: Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology. Lecture Notes in Computer Science, 2001, 2045: 395–405

DOI

4
Knudsen L R, Wagner D. Integral cryptanalysis. In: Proceedings of the 9th International Workshop on Fast Software Encryption. Lecture Notes in Computer Science, 2002, 2365: 112–127

5
Reza Z’aba M, Raddum H, Henricksen M, Dawson E. Bit-pattern based integral attack. In: Proceedings of the 15th International Workshop on Fast Software Encryption. Lecture Notes in Computer Science, 2008, 5086: 363–381

6
Aoki K, Ichikawa T, Kanda M, Matsui M, Moriai S, Nakajima J, Tokita T. Camellia: a 128-bit block cipher suitable for multiple platforms—design and analysis. In: Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography. Lecture Notes in Computer Science, 2001, 2012: 39–56

DOI

7
Kanda M, Matsumoto T. Security of Camellia against truncated differential cryptanalysis. In: Proceedings of the 8th International Workshop on Fast Software Encryption. Lecture Notes in Computer Science, 2002, 2355: 286–299

8
Hatano Y, Sekine H, Kaneko T. Higher order differential attack of Camellia (II). In: Proceedings of the 9th Annual International Workshop on Selected Areas in Cryptography, Lecture Notes in Computer Science, 2003, 2595: 129–146

9
He Y P, Qing S H. Square attack on reduced Camellia cipher. In: Proceedings of the 3rd International Conference on Information and Communications Security. Lecture Notes in Computer Science, 2001, 2229: 238–245

DOI

10
Yeom Y, Park S, Kim I. On the security of Camellia against the Square attack. In: Proceedings of the 9th International Workshop on Fast Software Encryption. Lecture Notes in Computer Science, 2002, 2365: 89–99

11
Lei D, Chao L, Feng K Q. New observation on Camellia. In: Proceedings of the 12th International Workshop on Selected Areas in Cryptography. Lecture Notes in Computer Science, 2006, 3897: 51–64

12
Wu W L, Feng D G. Collision attack on reduced-round Camellia. Science in China, Series F: Information Sciences, 2005, 48(1): 78–90

DOI

13
Wu W L, Zhang W T, Feng D G. Impossible differential cryptanalysis of reduced-round ARIA and Camellia. Journal of Compute Science and Technology, 2007, 22(3): 449–456

DOI

14
Lu J Q, Kim J, Keller N, Dunkelman O. Improving the efficiency of impossible differential cryptanalysis of reduced Camellia and MISTY1. In: Proceedings of the Cryptopgraphers’ Track at the RSA conference on Topics in cryptology. Lecture Notes in Computer Science, 2008, 4964: 370–386

DOI

15
Kwon D, Kim J, Park S, Sung S H, Sohn Y, Song J H, Yeom Y, Yoon E-J, Lee S, Lee J, Chee S, Han D, Hong J. New block cipher: ARIA. In: Proceedings of the 6th International Conference on Information Security and Cryptology. Lecture Notes in Computer Science, 2004, 2971: 432–445

16
Li P, Sun B, Li C. Integral cryptanalysis of ARIA. In: Proceedings of Information Security and Cryptology—Inscrypt2009

Outlines

/