Cryptology ePrint Archive: Report 2013/301

Impossible Differential-Linear Cryptanalysis of Reduced-Round CLEFIA-128

Zheng Yuan and Xian Li and Haixia Liu

Abstract: CLEFIA is a 128-bit block cipher proposed by Sony Corporation in 2007. Our paper introduces a new chosen text attack, the impossible differential-linear attack, on iterated cryptosystems. The attack is efficient for $16$-round CLEFIA with whitening keys. In the paper, we construct a $13$-round impossible differential-linear distinguisher. Based on the distinguisher, we present an effective attack on 16-round CLEFIA-$128$ with data complexity of $2^{122.73}$, recovering $96$-bit subkeys in total. Our attack can also be applied to CLEFIA-192 and CLEFIA-$256$.

Category / Keywords: CLEFIA, impossible differential-linear cryptanalysis, impossible differential cryptanalysis, linear approximation.

Date: received 20 May 2013, last revised 20 Apr 2014

Contact author: zyuan at tsinghua edu cn

Available format(s): PDF | BibTeX Citation

Note: We complement the third chapter, that is say, we introduced in detail our attack thoughts.

Version: 20140420:233046 (All versions of this report)

Short URL: ia.cr/2013/301

Discussion forum: Show discussion | Start new discussion