Slide Attack on Spectr-H64

We compare one round diffusion characteristics of the block cipher Spectr-H64 to those of AES-Rijndael and Safer K-64, in terms of the Avalanche Weight Distribution (AWD) criterion and observe a weakness in the round transformation of Spectr-H64. We exploit this weakness to break one round of Spectr-H64 extracting half of the key bits, and develop a chosen plaintext slide attack against the overall encryption algorithm, which works for 232 elements of the key space (out of 2256). We also observe 2128 weak keys, for which encryption becomes the same function as decryption, and 232 fixed points for each weak key.

[1]  Chuan Yi Tang,et al.  A 2.|E|-Bit Distributed Algorithm for the Directed Euler Trail Problem , 1993, Inf. Process. Lett..

[2]  Gustavus J. Simmons,et al.  Cycle Structures of the DES with Weak and Semi-Weak Keys , 1986, CRYPTO.

[3]  Melek D. Yücel,et al.  Performance Evaluation of Safer K-64 and S-Boxes of the Safer Family , 2001 .

[4]  Eli Biham,et al.  Differential cryptanalysis of DES-like cryptosystems , 1990, Journal of Cryptology.

[5]  Lars R. Knudsen,et al.  Cryptanalysis of LOKI91 , 1992, AUSCRYPT.

[6]  Victor A. Skormin,et al.  Information assurance in computer networks : methods, models and architectures for network security : International Workshop MMM-ACNS 2001, St. Petersburg, Russia, May 21-23, 2001 : proceedings , 2001 .

[7]  Vincent Rijmen,et al.  The Design of Rijndael , 2002, Information Security and Cryptography.

[8]  Selçuk Kavut,et al.  On Some Cryptographic Properties of Rijndael , 2001, MMM-ACNS.

[9]  Don Coppersmith,et al.  The Real Reason for Rivest's Phenomenon , 1985, CRYPTO.

[10]  Alex Biryukov,et al.  Slide Attacks , 1999, FSE.

[11]  Nikolay A. Moldovyan,et al.  Fast Encryption Algorithm Spectr-H64 , 2001, MMM-ACNS.

[12]  James L. Massey,et al.  SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm , 1993, FSE.

[13]  Alex Biryukov,et al.  Advanced Slide Attacks , 2000, EUROCRYPT.

[14]  Sean Murphy The cryptanalysis of FEAL-4 with 20 chosen plaintexts , 2004, Journal of Cryptology.

[15]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[16]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[17]  Eli Biham,et al.  New types of cryptanalytic attacks using related keys , 1994, Journal of Cryptology.

[18]  Eli Biham,et al.  Differential cryptanalysis of DES-like cryptosystems , 1990, Journal of Cryptology.