2013 | OriginalPaper | Buchkapitel
Multidimensional Meet-in-the-Middle Attacks on Reduced-Round TWINE-128
verfasst von : Özkan Boztaş, Ferhat Karakoç, Mustafa Çoban
Erschienen in: Lightweight Cryptography for Security and Privacy
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
TWINE is a lightweight block cipher designed for multiple platforms and was proposed at Selected Areas in Cryptography, 2012. The number of rounds of TWINE is 36 and the most powerful attack given by the designers is the impossible differential attack against 24 rounds of TWINE-128 whose time complexity is 2
115.10
encryptions and data complexity is 2
52.21
blocks. The best attack known so far is the biclique attack on the full round cipher with a time complexity of 2
126.82
and data complexity of 2
60
. However the time complexity of biclique attack is near exhaustive search and data needed for the attack is near the whole codebook.
In this paper we propose some meet-in-the-middle type attacks on reduced round TWINE-128. We show that meet-in-the-middle type attacks can be applied on more rounds than the best attack done by the designers while they claim that the first 5 rounds contain all the key bits for TWINE-128.
Our attacks are due to the slow diffusion of both the cipher and the key schedule algorithm. One of our attacks just use 2
12
chosen plaintext-ciphertext pair with time complexity of 2
124
to break 21 rounds of the algorithm. Also we propose another attack on 25 rounds of the cipher by using 2
48
chosen plaintext-ciphertext pairs with the time complexity of 2
122
and memory complexity of 2
125
while the best attack proposed by the designers is for 24 rounds.