Cryptology ePrint Archive: Report 2014/292

Improved Meet-in-the-Middle Attacks on Reduced-Round Camellia-192/256

Leibo Li and Keting Jia

Abstract: Camellia is one of the widely used block ciphers, which has been selected as an international standard by ISO/IEC. In this paper, we focus on the key-recovery attacks on reduced-round Camellia-192/256 with meet-in-the-middle methods. We utilize multiset and the differential enumeration methods which are popular to analyse AES in the recent to attack Camellia-192/256. We propose a 7-round property for Camellia-192, and achieve a 12-round attack with $2^{180}$ encryptions, $2^{113}$ chosen plaintexts and $2^{130}$ 128-bit memories. Furthermore, we present an 8-round property for Camellia-256, and apply it to break the 13-round Camellia-256 with $2^{232.7}$ encryptions, $2^{113}$ chosen ciphertexts and $2^{227}$ 128-bit memories.

Category / Keywords: secret-key cryptography / Block Cipher, Meet-in-the-Middle, Camellia

Date: received 25 Apr 2014

Contact author: lileibo at mail sdu edu cn, ktjia@mail tsinghua edu cn,

Available format(s): PDF | BibTeX Citation

Version: 20140429:204735 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]