Paper 2020/103

Improved Related-Tweakey Rectangle Attacks on Reduced-round Deoxys-BC-384 and Deoxys-I-256-128

Boxin Zhao, Xiaoyang Dong, Keting Jia, and Willi Meier

Abstract

Deoxys-BC is the core internal tweakable block cipher of the authenticated encryption schemes Deoxys-I and Deoxys-II. Deoxys-II is one of the six schemes in the final portfolio of the CAESAR competition, while Deoxys-I is a 3rd round candidate. By well studying the new method proposed by Cid et al. at ToSC 2017 and BDT technique proposed by Wang and Peyrin at ToSC 2019, we find a new 11-round related-tweakey boomerang distinguisher of Deoxys-BC-384 with probability of $2^{-118.4}$, and give a related-tweakey rectangle attack on 13-round Deoxys-BC-384 with a data complexity of $2^{125.2}$ and time complexity of $2^{186.7}$, and then apply it to analyze 13-round Deoxys-I-256-128 in this paper. This is the first time that an attack on 13-round Deoxys-I-256-128 is given, while the previous attack on this version only reaches 12 rounds.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. INDOCRYPT 2019
Keywords
CAESARAuthenticated EncryptionDeoxys-BCRectangle Attack
Contact author(s)
xiaoyangdong @ tsinghua edu cn
History
2020-02-04: received
Short URL
https://ia.cr/2020/103
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2020/103,
      author = {Boxin Zhao and Xiaoyang Dong and Keting Jia and Willi Meier},
      title = {Improved Related-Tweakey Rectangle Attacks on Reduced-round Deoxys-{BC}-384 and Deoxys-I-256-128},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/103},
      year = {2020},
      url = {https://eprint.iacr.org/2020/103}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.