### Single Key Recovery Attacks on 9-round Kalyna-128/256 and Kalyna-256/512

Akshima, Donghoon Chang, Mohona Ghosh, Aarushi Goel, and Somitra Kumar Sanadhya

##### Abstract

The Kalyna block cipher has recently been established as the Ukranian encryption standard in June, 2015. It was selected in a Ukrainian National Public Cryptographic Competition running from 2007 to 2010. Kalyna supports block sizes and key lengths of 128, 256 and 512 bits. Denoting the variants of Kalyna as Kalyna-$b/k$, where $b$ denotes the block size and $k$ denotes the keylength, the design specifies $k \in \{b, 2b\}$. In this work, we re-evaluate the security bound of some reduced round Kalyna variants, specifically Kalyna-$128/256$ and Kalyna-$256/512$ against key recovery attacks in the single key model. We first construct new 6-round distinguishers and then use these distinguishers to demonstrate 9-round attacks on these Kalyna variants. These attacks improve the previous best 7-round attacks on the same.\\ Our 9-round attack on Kalyna-128/256 has data, time and memory complexity of $2^{105}$, $2^{245.83}$ and $2^{226.86}$ respectively. For our 9-round attack on Kalyna-256/512, the data/time/memory complexities are $2^{217}$, $2^{477.83}$ and $2^{443.45}$ respectively. The time and data complexities for Kalyna-256/512 reported in this work improve upon the previous best 7-round attack complexities on the same. The attacks presented in this work are currently the best on Kalyna. We apply multiset attack - a variant of meet-in-the-middle attack to achieve these results.

Available format(s)
Category
Secret-key cryptography
Publication info
Published elsewhere. MAJOR revision.ICISC 2015
Keywords
Block cipherKalynaKey RecoveryDifferential enumerationSingle key model
Contact author(s)
aarushi12003 @ iiitd ac in
History
Short URL
https://ia.cr/2015/1227

CC BY

BibTeX

@misc{cryptoeprint:2015/1227,
author = {Akshima and Donghoon Chang and Mohona Ghosh and Aarushi Goel and Somitra Kumar Sanadhya},
title = {Single Key Recovery Attacks on 9-round Kalyna-128/256 and Kalyna-256/512},
howpublished = {Cryptology ePrint Archive, Paper 2015/1227},
year = {2015},
note = {\url{https://eprint.iacr.org/2015/1227}},
url = {https://eprint.iacr.org/2015/1227}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.