A Meet-in-the-Middle Attack on Reduced-Round Kalyna-b/2b

In this letter, we present a meet-in-the-middle attack on the 5-round reduced Kuznyechik cipher, which has been recently chosen to be standardized by the Russian Federation. Our attack is based on the differential enumeration approach. However, the application of the exact approach is not successful on Kuznyechik due to its optimal round diffusion properties. Accordingly, we adopt an equivalent representation for the last round where we can efficiently filter ciphertext pairs and launch the attack in the chosen ciphertext setting. We also utilize partial sequence matching, which further reduces the memory and time complexities. For the 5-round reduced cipher, the 256-bit master key is recovered with an online time complexity of $2^{140.3}$, a memory complexity of $2^{153.3}$, and a data complexity of $2^{113}$.

Key words: Kuznyechik, Cryptanalysis, Meet-in-the-middle attacks, Differential enumeration, GOST-Grasshopper.
