Linear Cryptanalysis of ARIA Block Cipher

In this paper, we first present an approach to derive a special kind of linear characteristic for byte-oriented SPN block ciphers. Based on this approach, we study the security of the block cipher ARIA against linear cryptanalysis and propose an attack on 7-round ARIA with 128/192/256-bit key sizes, an attack on 9-round ARIA with 192/256-bit key sizes, and an attack on 11-round ARIA with a 256-bit key size. The designers of ARIA expect that there is no effective attack on 8 or more rounds of ARIA with 128/192/256-bit key sizes by means of linear cryptanalysis. However, our work shows that such attacks do exist. Moreover, our cryptanalytic results are the best known cryptanalytic results on ARIA so far.
