Paper 2009/489
Impossible Boomerang Attack for Block Cipher Structures
Jiali Choy and Huihui Yap
Abstract
Impossible boomerang attack \cite{lu} (IBA) is a new variant of differential cryptanalysis against block ciphers. Evident from its name, it combines the ideas of both impossible differential cryptanalysis and boomerang attack. Though such an attack might not be the best attack available, its complexity is still less than that of the exhaustive search. In impossible boomerang attack, impossible boomerang distinguishers are used to retrieve some of the subkeys. Thus the security of a block cipher against IBA can be evaluated by impossible boomerang distinguishers. In this paper, we study the impossible boomerang distinguishers for block cipher structures whose round functions are bijective. Inspired by the $\mathcal{U}$-method in \cite{kim}, we provide an algorithm to compute the maximum length of impossible boomerang distinguishers for general block cipher structures, and apply the algorithm to known block cipher structures such as Nyberg's generalized Feistel network, a generalized CAST256-like structure, a generalized MARS-like structure, a generalized RC6-like structure, etc.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Updated version of the paper accepted by IWSEC 2009
- Keywords
- Block CiphersImpossible Boomerang AttackImpossible Boomerang Distinguishers
- Contact author(s)
- yhuihui @ dso org sg
- History
- 2009-10-06: revised
- 2009-10-05: received
- See all versions
- Short URL
- https://ia.cr/2009/489
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2009/489,
author = {Jiali Choy and Huihui Yap},
title = {Impossible Boomerang Attack for Block Cipher Structures},
howpublished = {Cryptology ePrint Archive, Paper 2009/489},
year = {2009},
note = {\url{https://eprint.iacr.org/2009/489}},
url = {https://eprint.iacr.org/2009/489}
}
