Paper 2015/1227

Single Key Recovery Attacks on 9-round Kalyna-128/256 and Kalyna-256/512

Akshima, Donghoon Chang, Mohona Ghosh, Aarushi Goel, and Somitra Kumar Sanadhya

Abstract

The Kalyna block cipher has recently been established as the Ukranian encryption standard in June, 2015. It was selected in a Ukrainian National Public Cryptographic Competition running from 2007 to 2010. Kalyna supports block sizes and key lengths of 128, 256 and 512 bits. Denoting the variants of Kalyna as Kalyna-$b/k$, where $b$ denotes the block size and $k$ denotes the keylength, the design specifies $k \in \{b, 2b\}$. In this work, we re-evaluate the security bound of some reduced round Kalyna variants, specifically Kalyna-$128/256$ and Kalyna-$256/512$ against key recovery attacks in the single key model. We first construct new 6-round distinguishers and then use these distinguishers to demonstrate 9-round attacks on these Kalyna variants. These attacks improve the previous best 7-round attacks on the same.\\ Our 9-round attack on Kalyna-128/256 has data, time and memory complexity of $2^{105}$, $2^{245.83}$ and $2^{226.86}$ respectively. For our 9-round attack on Kalyna-256/512, the data/time/memory complexities are $2^{217}$, $2^{477.83}$ and $2^{443.45}$ respectively. The time and data complexities for Kalyna-256/512 reported in this work improve upon the previous best 7-round attack complexities on the same. The attacks presented in this work are currently the best on Kalyna. We apply multiset attack - a variant of meet-in-the-middle attack to achieve these results.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Major revision. ICISC 2015
Keywords
Block cipherKalynaKey RecoveryDifferential enumerationSingle key model
Contact author(s)
aarushi12003 @ iiitd ac in
History
2015-12-23: received
Short URL
https://ia.cr/2015/1227
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/1227,
      author = {Akshima and Donghoon Chang and Mohona Ghosh and Aarushi Goel and Somitra Kumar Sanadhya},
      title = {Single Key Recovery Attacks on 9-round Kalyna-128/256 and Kalyna-256/512},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/1227},
      year = {2015},
      url = {https://eprint.iacr.org/2015/1227}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.