Miss in the Middle Attacks on IDEA and Khufu

In a recent paper we developed a new cryptanalytic technique based on impossible differentials, and used it to attack the Skipjack encryption algorithm reduced from 32 to 31 rounds. In this paper we describe the application of this technique to the block ciphers IDEA and Khufu. In both cases the new attacks cover more rounds than the best currently known attacks. This demonstrates the power of the new cryptanalytic technique, shows that it is applicable to a larger class of cryptosystems, and develops new technical tools for applying it in new situations.

[1]  Xuejia Lai,et al.  Markov Ciphers and Differential Cryptanalysis , 1991, EUROCRYPT.

[2]  David Chaum,et al.  Advances in Cryptology: Proceedings Of Crypto 83 , 2012 .

[3]  Philip Hawkes,et al.  Differential-Linear Weak Key Classes of IDEA , 1998, EUROCRYPT.

[4]  Bruce Schneier,et al.  Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES , 1996, CRYPTO.

[5]  Vincent Rijmen,et al.  Two Attacks on Reduced IDEA (Extended Abstract) , 1997 .

[6]  Xuejia Lai,et al.  On the design and security of block ciphers , 1992 .

[7]  Eli Biham,et al.  How to Strengthen DES Using Existing Hardware , 1994, ASIACRYPT.

[8]  Eyal Kushilevitz,et al.  From Differential Cryptanalysis to Ciphertext-Only Attacks , 1998, CRYPTO.

[9]  Joan Daemen Cryptanalysis of 2,5 Rounds of IDEA (Extended Abstract) , 1993 .

[10]  Philip Hawkes,et al.  On Applying Linear Cryptanalysis to IDEA , 1996, ASIACRYPT.

[11]  Ralph C. Merkle,et al.  Fast Software Encryption Functions , 1990, CRYPTO.

[12]  Willi Meier,et al.  On the Security of the IDEA Block Cipher , 1994, EUROCRYPT.

[13]  Xuejia Lai,et al.  A Proposal for a New Block Encryption Standard , 1991, EUROCRYPT.

[14]  Henri Gilbert,et al.  A Chosen Plaintext Attack of the 16-round Khufu Cryptosystem , 1994, CRYPTO.

[15]  Toshinobu Kaneko,et al.  Improving the Higher Order Differential Attack and Cryptanalysis of the KN Cipher , 1997, ISW.

[16]  Eli Biham,et al.  Differential Cryptanalysis of the Data Encryption Standard , 1993, Springer New York.

[17]  Mitsuru Matsui,et al.  New Structure of Block Ciphers with Provable Security against Differential and Linear Cryptanalysis , 1996, FSE.

[18]  Vincent Rijmen,et al.  Two Attacks on Reduced IDEA , 1997, EUROCRYPT.

[19]  A. Shimizu,et al.  Fast data encipherment algorithm FEAL-8 , 1978 .

[20]  Mitsuru Matsui,et al.  New Block Encryption Algorithm MISTY , 1997, FSE.

[21]  Joos Vandewalle,et al.  Weak Keys for IDEA , 1994, CRYPTO.

[22]  C. Adams,et al.  DESIGNING S-BOXES FOR CIPHERS RESISTANT TO DIFFERENTIAL CRYPTANALYSIS ( Extended , 1993 .

[23]  Thomas Jakobson,et al.  Cryptanalysis of Block Ciphers with Probabilistic Non-linear Relations of Low Degree , 1998, CRYPTO.