Paper 2018/334

Impossible Differential Attack on QARMA Family of Block Ciphers

Dong Yang, Wen-feng Qi, and Hua-jin Chen


QARMA is a family of lightweight tweakable block ciphers, which is used to support a software protection feature in the ARMv8 architecture. In this paper, we study the security of QARMA family against the impossible differential attack. First, we generalize the concept of truncated difference. Then, based on the generalized truncated difference, we construct the first 6-round impossible differential dinstinguisher of QARMA. Using the 6-round distinguisher and the time-and-memory trade-off technique, we present 10-round impossible differential attack on QARMA. This attack requires $2^{119.3}$ (resp. $2^{237.3}$) encryption units, $2^{61}$ (resp. $2^{122}$) chosen plaintext and $2^{72}$ 72-bit (resp. $2^{144}$ 144-bit) space for QARMA-64 (resp. QARMA-128). Further, if allowed with higher memory complexity (about $2^{116}$ 120-bit and $2^{232}$ 240-bit space for QARMA-64 and QARMA-128, respectively), our attack can break up 11 rounds of QARMA. To the best of our knowledge, these results are currently the best results with respect to attacked rounds.

Available format(s)
Secret-key cryptography
Publication info
Preprint. Minor revision.
impossible differential attacktruncated differentialQARMA
Contact author(s)
yangdong_sky @ 126 com
2018-04-11: received
Short URL
Creative Commons Attribution


      author = {Dong Yang and Wen-feng Qi and Hua-jin Chen},
      title = {Impossible Differential Attack on QARMA Family of Block Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2018/334},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.