Improved Related-Tweakey Rectangle Attacks on Reduced-Round Deoxys-BC-384 and Deoxys-I-256-128

Deoxys-BC is the core internal tweakable block cipher of the authenticated encryption schemes Deoxys-I and Deoxys-II. Deoxys-II is one of the six schemes in the final portfolio of the CAESAR competition, while Deoxys-I is a third-round candidate. By carefully studying the new method proposed by Cid et al. at ToSC 2017 and the BDT technique proposed by Wang and Peyrin at ToSC 2019, we find a new 11-round related-tweakey boomerang distinguisher of Deoxys-BC-384 with probability \(2^{-118.4}\). We give a related-tweakey rectangle attack on 13-round Deoxys-BC-384 with data complexity \(2^{125.2}\) and time complexity \(2^{186.7}\), and then apply it to analyze 13-round Deoxys-I-256-128. This is the first attack given on 13-round Deoxys-I-256-128; the previous attack on this version reaches only 12 rounds.

[1] Vincent Rijmen, et al. The Design of Rijndael, 2002, Information Security and Cryptography.

[2] Thomas Peyrin, et al. Tweaks and Keys for Block Ciphers: The TWEAKEY Framework, 2014, ASIACRYPT.

[3] Willi Meier, et al. Generalized related-key rectangle attacks on block ciphers with linear key schedule: applications to SKINNY and GIFT, 2020, Designs, Codes and Cryptography.

[4] Keting Jia, et al. New Related-Tweakey Boomerang and Rectangle Attacks on Deoxys-BC Including BDT Effect, 2019, IACR Trans. Symmetric Cryptol.

[5] Bruce Schneier, et al. Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent, 2000, FSE.

[6] Tao Huang, et al. A Security Analysis of Deoxys and its Internal Tweakable Block Ciphers, 2017, IACR Trans. Symmetric Cryptol.

[7] Eli Biham, et al. The Rectangle Attack - Rectangling the Serpent, 2001, EUROCRYPT.

[8] David A. Wagner, et al. The Boomerang Attack, 1999, FSE.

[9] Thomas Peyrin, et al. Boomerang Switch in Multiple Rounds. Application to AES Variants and Deoxys, 2019, IACR Trans. Symmetric Cryptol.

[10] Tao Huang, et al. Boomerang Connectivity Table: A New Cryptanalysis Tool, 2018, IACR Cryptol. ePrint Arch.

[11] Eli Biham, et al. Related-Key Boomerang and Rectangle Attacks, 2005, EUROCRYPT.

[12] Xiaoyun Wang, et al. Related-tweakey impossible differential attack on reduced-round Deoxys-BC-256, 2017, Science China Information Sciences.

[13] Farokhlagha Moazami, et al. Impossible Differential Cryptanalysis on Deoxys-BC-256, 2018, IACR Cryptol. ePrint Arch.

[14] Yu Sasaki, et al. Improved Related-Tweakey Boomerang Attacks on Deoxys-BC, 2018, AFRICACRYPT.

[15] Lei Hu, et al. Automatic Security Evaluation and (Related-key) Differential Characteristic Search: Application to SIMON, PRESENT, LBlock, DES(L) and Other Bit-Oriented Block Ciphers, 2014, ASIACRYPT.

[16] Chenhui Jin, et al. Meet-in-the-middle attacks on round-reduced tweakable block cipher Deoxys-BC, 2019, IET Inf. Secur.

[17] Vincent Rijmen, et al. The Design of Rijndael: AES - The Advanced Encryption Standard, 2002.

[18] David A. Wagner, et al. Tweakable Block Ciphers, 2002, Journal of Cryptology.