Cryptology ePrint Archive: Report 2020/103

Improved Related-Tweakey Rectangle Attacks on Reduced-round Deoxys-BC-384 and Deoxys-I-256-128

Boxin Zhao and Xiaoyang Dong and Keting Jia and Willi Meier

Abstract: Deoxys-BC is the core internal tweakable block cipher of the authenticated encryption schemes Deoxys-I and Deoxys-II. Deoxys-II is one of the six schemes in the final portfolio of the CAESAR competition, while Deoxys-I is a 3rd round candidate. By well studying the new method proposed by Cid et al. at ToSC 2017 and BDT technique proposed by Wang and Peyrin at ToSC 2019, we find a new 11-round related-tweakey boomerang distinguisher of Deoxys-BC-384 with probability of $2^{-118.4}$, and give a related-tweakey rectangle attack on 13-round Deoxys-BC-384 with a data complexity of $2^{125.2}$ and time complexity of $2^{186.7}$, and then apply it to analyze 13-round Deoxys-I-256-128 in this paper. This is the first time that an attack on 13-round Deoxys-I-256-128 is given, while the previous attack on this version only reaches 12 rounds.

Category / Keywords: secret-key cryptography / CAESAR, Authenticated Encryption, Deoxys-BC, Rectangle Attack

Original Publication (with minor differences): INDOCRYPT 2019

Date: received 2 Feb 2020, last revised 2 Feb 2020

Contact author: xiaoyangdong at tsinghua edu cn

Available format(s): PDF | BibTeX Citation

Version: 20200204:161028 (All versions of this report)

Short URL: ia.cr/2020/103


[ Cryptology ePrint archive ]