Attacking Reduced-Round Versions of the SMS4 Block Cipher in the Chinese WAPI Standard

SMS4 is a 32-round block cipher with a 128-bit block size and a 128-bit user key. It is used in WAPI, the Chinese WLAN national standard. In this paper, we present a rectangle attack on 14-round SMS4, and an impossible differential attack on 16-round SMS4. These are better than any previously known cryptanalytic results on SMS4 in terms of the numbers of attacked rounds.

[1]  A. M. Abdullah,et al.  Wireless lan medium access control (mac) and physical layer (phy) specifications , 1997 .

[2]  Eli Biham,et al.  Differential Cryptanalysis of the Data Encryption Standard , 1993, Springer New York.

[3]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[4]  Gerhard Goos,et al.  Fast Software Encryption , 2001, Lecture Notes in Computer Science.

[5]  David A. Wagner,et al.  Integral Cryptanalysis , 2002, FSE.

[6]  Lei Hu,et al.  Analysis of the SMS4 Block Cipher , 2007, ACISP.

[7]  Wu Wen Differential Fault Analysis on SMS4 , 2006 .

[8]  Eli Biham,et al.  Miss in the Middle Attacks on IDEA and Khufu , 1999, FSE.

[9]  Jongsung Kim,et al.  Differential and Rectangle Attacks on Reduced-Round SHACAL-1 , 2006, INDOCRYPT.

[10]  Eli Biham,et al.  The Rectangle Attack - Rectangling the Serpent , 2001, EUROCRYPT.

[11]  David A. Wagner,et al.  The Boomerang Attack , 1999, FSE.

[12]  Jongsung Kim,et al.  Improving the Efficiency of Impossible Differential Cryptanalysis of Reduced Camellia and MISTY 1 , 2007 .

[13]  Eli Biham,et al.  Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials , 1999 .

[14]  Bruce Schneier,et al.  Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent , 2000, FSE.

[15]  Tanja Lange,et al.  Progress in Cryptology - INDOCRYPT 2006, 7th International Conference on Cryptology in India, Kolkata, India, December 11-13, 2006, Proceedings , 2006, INDOCRYPT.

[16]  Jongsung Kim,et al.  Related-Key Rectangle Attack on 42-Round SHACAL-2 , 2006, ISC.