Cryptology ePrint Archive: Report 2013/301

Impossible Differential-Linear Cryptanalysis of Full-Round CLEFIA-128

Zheng Yuan and Xian Li and Haixia Liu

Abstract: CLEFIA is a 128-bit block cipher proposed by Sony Corporation in 2007. Our paper introduces a new chosen text attack, impossible differential-linear attack, on iterated cryptosystems. The attack is efficient for full-round CLEFIA without whitening keys. In the paper, we construct a 14-round impossible differential distinguisher. Based on the distinguisher, we present an effective attack on full-round CLEFIA-128 with data complexity of $2^{126.52}$, recovering 91-bit subkeys in total. Besides, the results of 15/16/17-round CLEFIA-128 are given in the Appendix B/C/D. Our attack can also applied to CLEFIA-192 and CLEFIA-256.

Category / Keywords: LEFIA, impossible differential-linear cryptanalysis, impossible differential cryptanalysis, linear approximation

Date: received 20 May 2013, last revised 21 May 2013

Contact author: zyuan at mail tsininghua edu cn

Available formats: PDF | BibTeX Citation

Version: 20130525:134805 (All versions of this report)

Discussion forum: Show discussion | Start new discussion