Chapter

Advances in Cryptology – ASIACRYPT 2009

Volume 5912 of the series Lecture Notes in Computer Science pp 19-36

The Key-Dependent Attack on Block Ciphers

  • Xiaorui SunAffiliated withDepartment of Computer Science, Shanghai Jiao Tong University
  • , Xuejia LaiAffiliated withDepartment of Computer Science, Shanghai Jiao Tong University

Abstract

In this paper, we formalize an attack scheme using the key-dependent property, called key-dependent attack. In this attack, the intermediate value, whose distribution is key-dependent, is considered. The attack determines whether a key is right by conducting statistical hypothesis test of the intermediate value. The time and data complexity of the key-dependent attack is also discussed.

We also apply key-dependent attack on reduced-round IDEA. This attack is based on the key-dependent distribution of certain items in Biryukov-Demirci Equation. The attack on 5.5-round variant of IDEA requires 221 chosen plaintexts and 2112.1 encryptions. The attack on 6-round variant requires 249 chosen plaintexts and 2112.1 encryptions. Compared with the previous attacks, the key-dependent attacks on 5.5-round and 6-round IDEA have the lowest time and data complexity, respectively.

Keywords

Block Cipher Key-Dependent Attack IDEA