### A Practical Related-Key Boomerang Attack for the Full MMB Block Cipher

Tomer Ashur and Orr Dunkelman

##### Abstract

The MMB block cipher (Modular Multiplication-based Block cipher) is an iterative block cipher designed by Daemen, Govaerts, and Vandewalle in 1993 as an improvement of the PES and IPES ciphers. In this paper we present several new related-key differential characteristics of MMB. These characteristics can be used to form several related-key boomerangs to attack the full MMB. Using 2^{20} adaptive chosen plaintexts and ciphertexts, we recover all key bits in 2^{35} time for the full MMB. Our attack was experimentally verified, and it takes less than 15 minutes on a standard Intel i5 machine to recover the full MMB key. After showing this practical attack on the full key of the full MMB, we present partial attacks on extended versions of MMB with up to 9 rounds (which is three more rounds than in the full MMB). We recover 62 bits of the 128-bit key in time 2^{29.2} for 7-round MMB, using 2^{20} adaptive chosen plaintexts and ciphertexts encrypted under 4 related keys, and in time 2^{29} for 8-round MMB, using 2^{20} adaptive chosen plaintexts and ciphertexts encrypted under 6 related keys. We show how an adversary can recover 31 bits of the 128-bit key for the 9-round MMB in time 2^{27.8} using 2^{19} adaptive chosen plaintexts and ciphertexts, encrypted under only 2 related keys. We also show how the time complexity of all attacks can be reduced by partially precomputing the difference distribution table of MMB's components.

##### Metadata
Category
Secret-key cryptography
Publication info
Published elsewhere. MINOR revision. CANS 2013
Keywords
MMB, Differential Cryptanalysis, Related-Key Boomerang Attack
Contact author(s)
tomerashur @ gmail com
History
2013-10-24: received
Short URL
https://ia.cr/2013/675
License

CC BY

BibTeX

@misc{cryptoeprint:2013/675,
      author = {Tomer Ashur and Orr Dunkelman},
      title = {A Practical Related-Key Boomerang Attack for the Full MMB Block Cipher},
      howpublished = {Cryptology ePrint Archive, Paper 2013/675},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/675}},
      url = {https://eprint.iacr.org/2013/675}
}
