Paper 2016/080

Cryptanalysis of PRINCE with Minimal Data

Shahram Rasoolzadeh and Håvard Raddum


We investigate two attacks on the PRINCE block cipher in the most realistic scenario, when the attacker only has a minimal amount of known plaintext available. The first attack is called Accelerated Exhaustive Search, and is able to recover the key for up to the full 12-round PRINCE with a complexity slightly lower than the security claim given by the designers. The second attack is a meet-in-the-middle attack, where we show how to successfully attack 8- and 10-round PRINCE with only two known plaintext/ciphertext pairs. Both attacks take advantage of the fact that the two middle rounds in PRINCE are unkeyed, so guessing the state before the first middle round gives the state after the second round practically for free. These attacks are the fastest until now in the known plaintext scenario for the 8 and 10 reduced-round versions and the full 12-round of PRINCE.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. Progress in Cryptography - AFRICACRYPT 2016
PRINCElightweight ciphercryptanalysisexhaustive searchmeet-in-the-middle.
Contact author(s)
shahram @ simula no
2016-08-20: revised
2016-01-29: received
See all versions
Short URL
Creative Commons Attribution


      author = {Shahram Rasoolzadeh and Håvard Raddum},
      title = {Cryptanalysis of PRINCE with Minimal Data},
      howpublished = {Cryptology ePrint Archive, Paper 2016/080},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.