You are looking at a specific version 20101204:142321 of this paper. See the latest version.

Paper 2010/593

Differential Attack on Five Rounds of the SC2000 Block Cipher

Jiqiang Lu

Abstract

The SC2000 block cipher has a 128-bit block size and a user key of 128, 192 or 256 bits, which employs a total of 6.5 rounds if a 128-bit user key is used. It is a CRYPTREC recommended e-government cipher. In this paper we describe two 4.75-round differential characteristics with probability $2^{-126}$ of SC2000 and seventy-six 4.75-round differential characteristics with probability $2^{-127}$. Finally, we present a differential cryptanalysis attack on a 5-round reduced version of SC2000 when used with a 128-bit key; the attack requires $2^{125.68}$ chosen plaintexts and has a time complexity of $2^{125.75}$ 5-round SC2000 encryptions. It suggests for the first time that the safety margin of SC2000 with a 128-bit key decreases below one and a half rounds.

Note: In this enhanced version, we address how to recover the user key from a few subkey bits of SC2000, give more non-trivial 4.75-round differential characteristics, and present a more efficient attack.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. A preliminary version of this work was presented at Inscrypt 2009.
Keywords
Block cipherSC2000Differential cryptanalysis
Contact author(s)
lvjiqiang @ hotmail com
History
2010-12-04: revised
2010-11-23: received
See all versions
Short URL
https://ia.cr/2010/593
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.