Slide Attack on Spectr-H64

  • Selçuk Kavut
  • Melek D. Yücel
Conference paper

DOI: 10.1007/3-540-36231-2_4

Volume 2551 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Kavut S., Yücel M.D. (2002) Slide Attack on Spectr-H64. In: Menezes A., Sarkar P. (eds) Progress in Cryptology — INDOCRYPT 2002. INDOCRYPT 2002. Lecture Notes in Computer Science, vol 2551. Springer, Berlin, Heidelberg

Abstract

We compare one round diffusion characteristics of the block cipher Spectr-H64 to those of AES-Rijndael and Safer K-64, in terms of the Avalanche Weight Distribution (AWD) criterion and observe a weakness in the round transformation of Spectr-H64. We exploit this weakness to break one round of Spectr-H64 extracting half of the key bits, and develop a chosen plaintext slide attack against the overall encryption algorithm, which works for 232 elements of the key space (out of 2256). We also observe 2128 weak keys, for which encryption becomes the same function as decryption, and 232 fixed points for each weak key.

Keywords

Slide attack Spectr-H64 Avalanche Weight Distribution (AWD) 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Selçuk Kavut
    • 1
  • Melek D. Yücel
    • 1
  1. 1.Electrical & Electronics Eng. Dept.Middle East Technical University TÜBİTAK-BİLTEN, Information Technologies and Electronics Research InstituteAnkaraTurkey