Integral Cryptanalysis of ARIA

This paper studies the security of the block cipher ARIA against integral attack. The designers believe that determining whether any given byte position is balanced or not after 3 rounds of encryption is not possible. However, by determining that the number of times each element of the output of the second round appears is an even integer, we find some 3-round integral distinguishers of ARIA in this paper, which may lead to possible attacks on 4, 5 and 6-round ARIA. Both the data and time complexities of the 4-round attack are $2^{25}$; the data and time complexities of the 5-round attack are $2^{27.2}$ and $2^{76.7}$, respectively; the data and time complexities of the 6-round attack are $2^{124.4}$ and $2^{172.4}$, respectively. Moreover, the 4 and 5-round attacks have the lowest data and time complexities compared to existing attacks on ARIA. Our results also show that the choice of S-box and the order of the S-boxes do have an influence on integral attacks.
