We prove that the multiset technique used to analyze AES can not be applied directly to mCrypton due to the scarcity of information. As a solution, we replace the unordered multiset with the ordered sequence. We lower the memory requirement from $2^{100}$ to $2^{44}$ using the efficient differential enumeration technique.
Based on these modifications, we construct a MITM attack on 7-round mCrypton-64/96/128 with complexities of $2^{44}$ 64-bit blocks and $2^{57}$ encryptions.
We further extend the attack to 8 and 9 rounds for mCrypton-128 by adding some key-bridging techniques. The 8-round attack requires $2^{44}$ blocks and $2^{96}$ encryptions while the 9-round attack needs $2^{120}$ blocks and $2^{116}$ encryptions.
Category / Keywords: secret-key cryptography / cryptanalysis, mCrypton, MITM Attack, Efficient Differential Enumeration Technique, Key Bridging Tchnique Date: received 15 Nov 2013 Contact author: koala89 at 163 com Available format(s): PDF | BibTeX Citation Version: 20131117:022156 (All versions of this report) Short URL: ia.cr/2013/756 Discussion forum: Show discussion | Start new discussion