### Impossible Differential Attack on QARMA Family of Block Ciphers

Dong Yang, Wen-feng Qi, and Hua-jin Chen

##### Abstract

QARMA is a family of lightweight tweakable block ciphers, which is used to support a software protection feature in the ARMv8 architecture. In this paper, we study the security of QARMA family against the impossible differential attack. First, we generalize the concept of truncated difference. Then, based on the generalized truncated difference, we construct the first 6-round impossible differential dinstinguisher of QARMA. Using the 6-round distinguisher and the time-and-memory trade-off technique, we present 10-round impossible differential attack on QARMA. This attack requires $2^{119.3}$ (resp. $2^{237.3}$) encryption units, $2^{61}$ (resp. $2^{122}$) chosen plaintext and $2^{72}$ 72-bit (resp. $2^{144}$ 144-bit) space for QARMA-64 (resp. QARMA-128). Further, if allowed with higher memory complexity (about $2^{116}$ 120-bit and $2^{232}$ 240-bit space for QARMA-64 and QARMA-128, respectively), our attack can break up 11 rounds of QARMA. To the best of our knowledge, these results are currently the best results with respect to attacked rounds.

Available format(s)
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
impossible differential attacktruncated differentialQARMA
Contact author(s)
yangdong_sky @ 126 com
History
Short URL
https://ia.cr/2018/334

CC BY

BibTeX

@misc{cryptoeprint:2018/334,
author = {Dong Yang and Wen-feng Qi and Hua-jin Chen},
title = {Impossible Differential Attack on QARMA Family of Block Ciphers},
howpublished = {Cryptology ePrint Archive, Paper 2018/334},
year = {2018},
note = {\url{https://eprint.iacr.org/2018/334}},
url = {https://eprint.iacr.org/2018/334}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.