Paper 2016/349

Note on Impossible Differential Attacks

Patrick Derbez

Abstract

While impossible differential cryptanalysis is a well-known and popular cryptanalytic method, errors in the analysis are often discovered and many papers in the literature present flaws. To address this, Boura et al. presented at ASIACRYPT'14 a generic vision of impossible differential attacks with the aim of simplifying and helping the construction and verification of this type of cryptanalysis. In particular, they gave generic complexity analysis formulas for mounting such attacks and developed new ideas for optimizing them. In this paper we carefully study this generic formula and show impossible differential attacks for which the real time complexity is much higher than estimated by it. In particular, we show that the impossible differential attack against 25-round TWINE-128, presented at FSE'15 by Biryukov et al., actually has a complexity higher than the natural bound of exhaustive search.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published by the IACR in FSE 2016
Keywords
truncated impossible differential, cryptanalysis, block cipher, TWINE, complexity
Contact author(s)
patrick derbez @ irisa fr
History
2016-04-01: received
Short URL
https://ia.cr/2016/349
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/349,
      author = {Patrick Derbez},
      title = {Note on Impossible Differential Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2016/349},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/349}},
      url = {https://eprint.iacr.org/2016/349}
}