Skip to main content
SpringerLink
Log in

The Higher-Order Meet-in-the-Middle Attack and Its Application to the Camellia Block Cipher

(Extended Abstract)

  • Conference paper
Progress in Cryptology - INDOCRYPT 2012 (INDOCRYPT 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7668))

Included in the following conference series:

Abstract

The meet-in-the-middle (MitM) attack is a technique for analysing the security of a block cipher. In this paper, we propose an extension of the MitM attack, which we call the higher-order meet-in-the-middle (HO-MitM) attack; the core idea of the HO-MitM attack is to use multiple plaintexts to cancel some key-dependent component(s) or parameter(s) when constructing a basic unit of “value-in-the-middle”. We introduce a novel approach, which combines integral cryptanalysis with the MitM attack, to construct HO-MitM attacks on 10-round Camellia under 128 key bits, 11-round Camellia under 192 key bits and 12-round Camellia under 256 key bits, all of which include FL/FL− 1 functions. Finally, we apply an existing approach to construct HO-MitM attacks on 14-round Camellia without FL/FL− 1 functions under 192 key bits and 16-round Camellia without FL/FL− 1 functions under 256 key bits.

This paper was presented in part in an invited talk given by J. Lu at the First Asian Workshop on Symmetric Key Cryptography (ASK 2011), Singapore, August 2011. The work was supported by the French ANR project SAPHIR II (No. ANR-08-VERS-014), the Natural Science Foundation of China (No. 61100185), Guangxi Natural Science Foundation (No. 2011GXNSFB018071), the Foundation of Guangxi Key Lab of Wireless Wideband Communication and Signal Processing (No. 11101), China Postdoctoral Science Foundation funded project, and the Basic Science Research Program through the National Research Foundation of Korea funded by Ministry of Education, Science and Technology (No. 2012-0003556).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Camellia: A 128-Bit Block Cipher Suitable for Multiple Platforms - Design and Analysis. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 39–56. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  2. Bai, D., Li, L.: New Impossible Differential Attacks on Camellia. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 80–96. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  3. Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999)

    Google Scholar 

  4. Biham, E., Dunkelman, O., Keller, N.: The Rectangle Attack - Rectangling the Serpent. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 340–357. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  5. Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. Journal of Cryptology 4(1), 3–72 (1991)

    Article  MathSciNet  MATH  Google Scholar 

  6. Biryukov, A., Shamir, A.: Structural cryptanalysis of SASAS. Journal of Cryptology 23(4), 505–518 (2010)

    Article  MathSciNet  MATH  Google Scholar 

  7. Chen, J., Jia, K., Yu, H., Wang, X.: New Impossible Differential Attacks of Reduced-Round Camellia-192 and Camellia-256. In: Parampalli, U., Hawkes, P. (eds.) ACISP 2011. LNCS, vol. 6812, pp. 16–33. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  8. CRYPTREC — Cryptography Research and Evaluatin Committees, report 2002 (2003)

    Google Scholar 

  9. Daemen, J., Knudsen, L.R., Rijmen, V.: The Block Cipher SQUARE. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149–165. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  10. Demirci, H., Selçuk, A.A.: A Meet-in-the-Middle Attack on 8-Round AES. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 116–126. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  11. Demirci, H., Taşkın, İ., Çoban, M., Baysal, A.: Improved Meet-in-the-Middle Attacks on AES. In: Roy, B., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol. 5922, pp. 144–156. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  12. Diffie, W., Hellman, M.: Exhaustive cryptanalysis of the NBS data encryption standard. Computer 10(6), 74–84 (1977)

    Article  Google Scholar 

  13. Dunkelman, O., Keller, N., Shamir, A.: Improved Single-Key Attacks on 8-Round AES-192 and AES-256. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 158–176. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  14. Lei, D., Chao, L., Feng, K.: New Observation on Camellia. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 51–64. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  15. Gilbert, H., Minier, M.: A collision attack on 7 rounds of Rijndael. In: Proceedings of the Third Advanced Encryption Standard Candidate Conference, pp. 230–241. NIST (2000)

    Google Scholar 

  16. Hatano, Y., Sekine, H., Kaneko, T.: Higher Order Differential Attack of Camellia(II). In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 39–56. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. Hellman, M.E.: A cryptanalytic time–memory trade-off. IEEE Transcations on Information Theory 26(4), 401–406 (1980)

    Article  MathSciNet  MATH  Google Scholar 

  18. Hu, Y., Zhang, Y., Xiao, G.: Integral cryptanalysis of SAFER+. Electronics Letters 35(17), 1458–1459 (1999)

    Article  Google Scholar 

  19. International Standardization of Organization (ISO), International Standard – ISO/IEC 18033-3, Information technology – Security techniques – Encryption algorithms – Part 3: Block ciphers (2005)

    Google Scholar 

  20. Knudsen, L.R.: Truncated and Higher Order Differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  21. Knudsen, L.R.: DEAL — a 128-bit block cipher. Technical report, Department of Informatics, University of Bergen, Norway (1998)

    Google Scholar 

  22. Knudsen, L.R., Wagner, D.: Integral Cryptanalysis. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 112–127. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  23. Lai, X.: Higher order derivatives and differential cryptanalysis. In: Communications and Cryptography, pp. 227–233. Academic Publishers (1994)

    Google Scholar 

  24. Liu, Y., Li, L., Gu, D., Wang, X., Liu, Z., Chen, J., Li, W.: New Observations on Impossible Differential Cryptanalysis of Reduced-Round Camellia. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 90–109. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  25. Lu, J.: Cryptanalysis of block ciphers. PhD thesis, University of London, UK (2008)

    Google Scholar 

  26. Lu, J., Wei, Y., Kim, J., Fouque, P.-A.: Cryptanalysis of reduced versions of the Camellia block cipher. In: Miri, A., Vaudenay, S. (eds.) Pre-proceedings of SAC 2011 (2011), http://sac2011.ryerson.ca/SAC2011/LWKF.pdf , An editorially revised version is to appear in IET Information Security

  27. Lu, J., Wei, Y., Pasalic, E., Fouque, P.-A.: Meet-in-the-Middle Attack on Reduced Versions of the Camellia Block Cipher. In: Hanaoka, G., Yamauchi, T. (eds.) IWSEC 2012. LNCS, vol. 7631, pp. 197–215. Springer, Heidelberg (2012)

    Google Scholar 

  28. Mala, H., Shakiba, M., Dakhilalian, M., Bagherikaram, G.: New Results on Impossible Differential Cryptanalysis of Reduced–Round Camellia–128. In: Jacobson Jr., M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 281–294. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  29. Mala, H., Dakhilalian, M., Shakiba, M.: Impossible differential cryptanalysis of reduced-round Camellia-256. IET Information Security 5(3), 129–134 (2011)

    Article  Google Scholar 

  30. Matsui, M.: Linear Cryptanalysis Method for DES Cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)

    Google Scholar 

  31. NESSIE — New European Schemes for Signatures, Integrity, and Encryption, Final report of European project IST-1999-12324 (2004)

    Google Scholar 

  32. Wei, Y., Lu, J., Hu, Y.: Meet-in-the-Middle Attack on 8 Rounds of the AES Block Cipher under 192 Key Bits. In: Bao, F., Weng, J. (eds.) ISPEC 2011. LNCS, vol. 6672, pp. 222–232. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  33. Wu, W., Feng, D., Chen, H.: Collision Attack and Pseudorandomness of Reduced-Round Camellia. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 252–266. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  34. Wagner, D.: The Boomerang Attack. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, pp. 156–170. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  35. Yeom, Y., Park, S., Kim, I.: A study of integral type cryptanalysis on Camellia. In: Proceedings of the 2003 Symposium on Cryptography and Information Security, pp. 453–456. IEICE (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for Infocomm Research, Agency for Science, Technology and Research, 1 Fusionopolis Way, #19-01 Connexis, Singapore, 138632

    Jiqiang Lu

  2. Guilin University of Electronic Technology, Guilin City, Guangxi Province, 541004, P.R. China

    Yongzhuang Wei

  3. State Key Lab of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, 100190, China

    Yongzhuang Wei

  4. Department of e-Business, Kyungnam University, 449 Wolyoung-dong, Masan, Kyungnam, Korea

    Jongsung Kim

  5. University of Primorska FAMNIT, Koper, Slovenia

    Enes Pasalic

Authors
  1. Jiqiang Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yongzhuang Wei
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jongsung Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Enes Pasalic
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Mathematics, University of Auckland, Private Bag 92019, 1142, Auckland, New Zealand

    Steven Galbraith

  2. Indian Statistical Institute, Applied Statistics Unit, 203 B.T. Road, 700108, Kolkata, West Bengal, India

    Mridul Nandi

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lu, J., Wei, Y., Kim, J., Pasalic, E. (2012). The Higher-Order Meet-in-the-Middle Attack and Its Application to the Camellia Block Cipher. In: Galbraith, S., Nandi, M. (eds) Progress in Cryptology - INDOCRYPT 2012. INDOCRYPT 2012. Lecture Notes in Computer Science, vol 7668. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34931-7_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-34931-7_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34930-0

  • Online ISBN: 978-3-642-34931-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation