Chapter

Information Security and Cryptology - ICISC 2003

Volume 2971 of the series Lecture Notes in Computer Science pp 402-417

Differential Cryptanalysis of TEA and XTEA

  • Seokhie HongAffiliated withCenter for Information Security Technologies(CIST) Korea University
  • , Deukjo HongAffiliated withCenter for Information Security Technologies(CIST) Korea University
  • , Youngdai KoAffiliated withCenter for Information Security Technologies(CIST) Korea University
  • , Donghoon ChangAffiliated withCenter for Information Security Technologies(CIST) Korea University
  • , Wonil LeeAffiliated withCenter for Information Security Technologies(CIST) Korea University
  • , Sangjin LeeAffiliated withCenter for Information Security Technologies(CIST) Korea University

* Final gross prices may vary according to local VAT.

Get Access

Abstract

TEA and XTEA are simple block ciphers consisting of exclusive-or, addition, and shift. Although their round functions are very simple and guarantee a little security, large number of 64 rounds have made them secure enough. It seems that the best result for TEA is the related-key attack [3], but it is less reasonable than such attacks for one key as differential and linear attacks. Impossible differential attacks on 12-round TEA and 14-round XTEA are best results except for related-key attack [5]. We suggest differential and truncated differential attacks on TEA and XTEA better than them. Our best results on TEA and XTEA are attacks on 17-round TEA and 23-round XTEA.

Keywords

Block cipher TEA XTEA differential cryptanalysis truncated differential cryptanalysis