Skip to main content
SpringerLink
Log in

Impossible Differential Cryptanalysis of 14-Round Camellia-192

  • Conference paper
  • First Online:
Information Security and Privacy (ACISP 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9723))

Included in the following conference series:

Abstract

As an international standard by ISO/IEC, Camellia is a widely used block cipher, which has received much attention from cryptanalysts. The impossible differential attack is one of efficient methods to analyze Camellia. Liu et al. gave an 8-round impossible differential, of which the input and output differences depend on some weak keys. In this paper, we apply some key relations to build the precomputation table to reduce time complexity and give some relations between the size of weak key sets and the number of input and output differences of the impossible differentials, which are used to balance the time complexity and the fraction of key space attacked. Furthermore, we give an impossible differential attack on 14-round Camellia-192 with \(2^{126.5}\) known plaintexts and \(2^{189.32}\) encryptions. Our impossible differential attack works one more round than previous cryptanalysis results.

Supported by the National Natural Science Foundation of China (Grant No. 61133013 and 61402256) and the National Key Basic Research Program of China (Grant No. 2013CB834205).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    There are 2 values for \(k_2[6]\) and \(k_{15}[7]\), respectively. Hence for a given pair, the probability \(\Pr \){\(k_{2}[6]\{4\sim 7\} = k_{15}[7]\{0\sim 3\}\}=2\times 2\times 2^{-4}=2^{-2}\). Hence, there are about \(2^{2n-90}\times {n_h}\) remaining pairs.

  2. 2.

    It is convenient to calculate, we take a memory access as a 14-round encryption.

References

  1. Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: \(Camellia\): a 128-bit block cipher suitable for multiple platforms - design and analysis. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, p. 39. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  2. Blondeau, C.: Impossible differential attack on 13-round camellia-192. Inf. Process. Lett. 115(9), 660–666 (2015)

    Article  MathSciNet  MATH  Google Scholar 

  3. Bogdanov, A., Geng, H., Wang, M., Wen, L., Collard, B.: Zero-correlation linear cryptanalysis with FFT and improved attacks on ISO Standards Camellia and CLEFIA. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 306–323. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  4. Boura, C., Naya-Plasencia, M., Suder, V.: Scrutinizing and improving impossible differential attacks: applications to CLEFIA, Camellia, LBlock and Simon. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 179–199. Springer, Heidelberg (2014)

    Google Scholar 

  5. Chen, J., Jia, K., Yu, H., Wang, X.: New impossible differential attacks of reduced-round Camellia-192 and Camellia-256. In: Parampalli, U., Hawkes, P. (eds.) ACISP 2011. LNCS, vol. 6812, pp. 16–33. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  6. Chen, J., Li, L.: Low data complexity attack on reduced Camellia-256. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 101–114. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  7. Dong, X., Li, L., Jia, K., Wang, X.: Improved attacks on reduced-round Camellia-128/192/256. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 59–83. Springer, Heidelberg (2015)

    Google Scholar 

  8. Hatano, Y., Sekine, H., Kaneko, T.: Higher order differential attack of Camellia (II). In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  9. International Organization for Standardization(ISO): International Standard- ISO/IEC 18033-3, Information technology-Security techniques-Encryption algorithms-Part 3: Block ciphers (2010)

    Google Scholar 

  10. Kühn, U.: Improved cryptanalysis of MISTY1. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, p. 61. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  11. Lee, S., Hong, S.H., Lee, S.-J., Lim, J.-I., Yoon, S.H.: Truncated differential cryptanalysis of Camellia. In: Kim, K. (ed.) ICISC 2001. LNCS, vol. 2288, p. 32. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  12. Lei, D., Chao, L., Feng, K.: New observation on Camellia. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 51–64. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  13. Duo, L., Li, C., Feng, K.: Square like attack on Camellia. In: Qing, S., Imai, H., Wang, G. (eds.) ICICS 2007. LNCS, vol. 4861, pp. 269–283. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  14. Li, L., Jia, K., Wang, X., Dong, X.: Meet-in-the-middle technique for truncated differential and its applications to CLEFIA and Camellia. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 48–70. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

  15. Liu, Y., Li, L., Gu, D., Wang, X., Liu, Z., Chen, J., Li, W.: New observations on impossible differential cryptanalysis of reduced-round Camellia. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 90–109. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  16. Lu, J., Wei, Y., Fouque, P.A., Kim, J.: Cryptanalysis of reduced versions of the camellia block cipher. IET Inf. Secur. 6(3), 228–238 (2012)

    Article  Google Scholar 

  17. Lu, J., Kim, J.-S., Keller, N., Dunkelman, O.: Improving the efficiency of impossible differential cryptanalysis of reduced Camellia and MISTY1. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 370–386. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  18. Lu, J., Wei, Y., Kim, J., Pasalic, E.: The higher-order meet-in-the-middle attack and its application to the Camellia block cipher. In: Nandi, M., Galbraith, S. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 244–264. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  19. Lu, J., Wei, Y., Pasalic, E., Fouque, P.-A.: Meet-in-the-middle attack on reduced versions of the Camellia block cipher. In: Hanaoka, G., Yamauchi, T. (eds.) IWSEC 2012. LNCS, vol. 7631, pp. 197–215. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  20. Mala, H., Shakiba, M., Dakhilalian, M., Bagherikaram, G.: New results on impossible differential cryptanalysis of reduced–round Camellia–128. In: Jacobson Jr., M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 281–294. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  21. Shirai, T.: Differential, linear, boomerang and rectangle cryptanalysis of reduced- round Camellia. In: The Third NESSIE Workshop (2002)

    Google Scholar 

  22. Sugita, M., Kobara, K., Imai, H.: Security of reduced version of the block cipher Camellia against truncated and impossible differential cryptanalysis. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, p. 193. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  23. Wu, W., Zhang, L., Zhang, W.: Improved impossible differential cryptanalysis of reduced-round Camellia. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 442–456. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

Download references

Acknowledgments

We would like to thank anonymous reviewers and the shepherd Jiqiang Lu for their very helpful comments on the paper.

Author information

Authors and Affiliations

  1. Department of Computer Science and Technology, Tsinghua University, Beijing, 100084, China

    Keting Jia

  2. Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, 250100, China

    Ning Wang

  3. School of Mathematics, Shandong University, Jinan, 250100, China

    Ning Wang

  4. State Key Laboratory of Cryptology, P.O.Box 5159, Beijing, 100878, China

    Keting Jia & Ning Wang

Authors
  1. Keting Jia
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ning Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Keting Jia .

Editor information

Editors and Affiliations

  1. Monash University , Melbourne, Victoria, Australia

    Joseph K. Liu

  2. Monash University , Melbourne, Victoria, Australia

    Ron Steinfeld

A Key Schedule for Camellia-192

A Key Schedule for Camellia-192

Here, we introduce the key schedule of Camellia in Fig. 4 and subkeys for Camellia-192 in Table 5.

Fig. 4.
figure 4

The key schedule of Camellia

Full size image
Table 5. Subkeys for Camellia-192 from Round 1 to Round 24
Full size table

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Jia, K., Wang, N. (2016). Impossible Differential Cryptanalysis of 14-Round Camellia-192. In: Liu, J., Steinfeld, R. (eds) Information Security and Privacy. ACISP 2016. Lecture Notes in Computer Science(), vol 9723. Springer, Cham. https://doi.org/10.1007/978-3-319-40367-0_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-40367-0_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-40366-3

  • Online ISBN: 978-3-319-40367-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation