Paper 2018/048

Impossible Differential Cryptanalysis on Deoxys-BC-256

Alireza Mehrdad, Farokhlagha Moazami, and Hadi Soleimany

Abstract

Deoxys is a third-round candidate of the CAESAR competition. This paper presents the first impossible differential cryptanalysis of Deoxys-BC-256, which is used in Deoxys as an internal tweakable block cipher. First, we find a 4.5-round ID characteristic by utilizing a miss-in-the-middle approach. We then present several cryptanalyses based upon the 4.5-round distinguisher against round-reduced Deoxys-BC-256 in both single-key and related-key settings. Our contributions include impossible differential attacks on up to 8-round Deoxys-BC-256 in the tweak-key model, which is, to the best of our knowledge, the first independent investigation of the security of Deoxys-BC-256 in the single-key model. Our attack reaches 9 rounds in the related-key related-tweak model; it has a slightly higher data complexity than the best previous results, obtained by a rectangle attack presented at FSE 2018, but requires a lower memory complexity with an equal time complexity.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. The ISC International Journal of Information Security
Keywords
authenticated encryption, block cipher, Deoxys-BC, related-tweak, related-key, impossible differential cryptanalysis
Contact author(s)
a mehrdad @ mail sbu ac ir
History
2018-08-08: revised
2018-01-15: received
Short URL
https://ia.cr/2018/048
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/048,
      author = {Alireza Mehrdad and Farokhlagha Moazami and Hadi Soleimany},
      title = {Impossible Differential Cryptanalysis on Deoxys-{BC}-256},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/048},
      year = {2018},
      url = {https://eprint.iacr.org/2018/048}
}