Low probability differentials and the cryptanalysis of full-round CLEFIA-128

Sareh Emami*, San Ling, Ivica Nikolić, Josef Pieprzyk, Huaxiong Wang

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding > Conference proceeding contribution

2 Citations (Scopus)

Abstract

So far, low probability differentials for the key schedule of block ciphers have been used as a straightforward proof of security against related-key differential analysis. To achieve resistance, it is believed that for cipher with k-bit key it suffices the upper bound on the probability to be 2^-k. Surprisingly, we show that this reasonable assumption is incorrect, and the probability should be (much) lower than 2^-k. Our counter example is a related-key differential analysis of the well established block cipher CLEFIA-128. We show that although the key schedule of CLEFIA-128 prevents differentials with a probability higher than 2^-128, the linear part of the key schedule that produces the round keys, and the Feistel structure of the cipher, allow to exploit particularly chosen differentials with a probability as low as 2^-128. CLEFIA-128 has 2^14 such differentials, which translate to 2^14 pairs of weak keys. The probability of each differential is too low, but the weak keys have a special structure which allows with a divide-and-conquer approach to gain an advantage of 2^7 over generic analysis. We exploit the advantage and give a membership test for the weak-key class and provide analysis of the hashing modes. The proposed analysis has been tested with computer experiments on small-scale variants of CLEFIA-128. Our results do not threaten the practical use of CLEFIA.

Original language: English
Title of host publication: Advances in Cryptology - ASIACRYPT 2014 - 20th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings, Part I
Editors: Palash Sarkar, Tetsu Iwata
Place of Publication: Heidelberg
Publisher: Springer, Springer Nature
Pages: 141-157
Number of pages: 17
Volume: 8873
ISBN (Electronic): 9783662456101
Publication status: Published - 2014
Event: 20th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT - 2014 - Kaohsiung, Taiwan, Province of China
Duration: 7 Dec 2014 - 11 Dec 2014

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 8873
ISSN (Print): 03029743
ISSN (Electronic): 16113349

Other

Other: 20th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT - 2014
Country: Taiwan, Province of China
City: Kaohsiung
Period: 7/12/14 - 11/12/14
