New Weak-Key Classes of IDEA

  • Alex Biryukov
  • Jorge NakaharaJr
  • Bart Preneel
  • Joos Vandewalle
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2513)


This paper presents a large collection of new weak-key classes for the IDEA cipher. The classes presented in this paper contain 253-264 weak keys (as compared with 251 differential weak keys presented by Daemen at CRYPTO’93 and 263 differential-linear weak-keys presented by Hawkes at EUROCRYPT’98). The novelty of our approach is in the use of boomerang distinguishers for the weak-key class membership test. We also show large weak-key classes for reduced-round versions of IDEA.


IDEA cipher weak keys boomerang attack NESSIE 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Biham, E., Biryukov, A., Shamir, A.: Miss-in-the-Middle Attacks on IDEA, Khufu and Khafre, 6th Fast Software Encryption Workshop, LNCS 1636, L.R. Knudsen, Ed., Springer-Verlag, 1999, 124–138.CrossRefGoogle Scholar
  2. 2.
    Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, 1993.Google Scholar
  3. 3.
    Borst, J., Knudsen, L.R., Rijmen, V.: Two Attacks on Reduced IDEA (extended abstract), Advances in Cryptology, Eurocrypt’97, LNCS 1233, W. Fumy, Ed., Springer-Verlag, 1997, 1–13.Google Scholar
  4. 4.
    Daemen, J., Govaerts, R., Vandewalle, J.: Weak Keys for IDEA, Advances in Cryptology, Crypto’93, LNCS 773, D.R. Stinson, Ed., Springer-Verlag, 1994, 224–231.Google Scholar
  5. 5.
    Hawkes, P.: Differential-Linear Weak Key Classes of IDEA, Advances in Cryptology, Eurocrypt’98, LNCS 1403, K. Nyberg, Ed., Springer-Verlag, 1998, 112–126.CrossRefGoogle Scholar
  6. 6.
    Hawkes, P., O’Connor, L.: On Applying Linear Cryptanalysis to IDEA, Advances in Cryptology, Asiacrypt’96, LNCS 1163, K. Kim and T. Matsumoto, Eds., Springer-Verlag, 1996, 105–115.CrossRefGoogle Scholar
  7. 7.
    Kelsey, J., Schneier, B., Wagner, D.: Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER and Triple-DES, Advances in Cryptology, Crypto’96, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, 237–251.Google Scholar
  8. 8.
    Lai, X.: On the Design and Security of Block Ciphers, Hartung-Gorre Verlag, Konstanz, 1992.Google Scholar
  9. 9.
    Lai, X., Massey, J.L.: A Proposal for a New Block Encryption Standard, Advances in Cryptology, Eurocrypt’90, LNCS 473, I.B. Damgℴard, Ed., Springer-Verlag, 1990, 389–404.Google Scholar
  10. 10.
    Lai, X., Massey, J.L., Murphy, S.: Markov Ciphers and Differential Cryptanalysis, Advances in Cryptology, Eurocrypt’91, LNCS 547, D.W. Davies, Ed., Springer-Verlag, 1991, 17–38.Google Scholar
  11. 11.
    Meier, W.: On the Security of the IDEA Block Cipher, Advances in Cryptology, Eurocrypt’93, LNCS 765, T. Helleseth, Ed., Springer-Verlag, 1994, 371–385.Google Scholar
  12. 12.
    NESSIE Project-New European Schemes for Signatures, Integrity and Encryption-available at
  13. 13.
    Wagner, D.: The Boomerang Attack, 6th Fast Software Encryption Workshop, LNCS 1636, L.R. Knudsen, Ed., Springer-Verlag, 1999, 156–170.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Alex Biryukov
    • 1
  • Jorge NakaharaJr
    • 1
  • Bart Preneel
    • 1
  • Joos Vandewalle
    • 1
  1. 1.Dept. ESAT/COSICKatholieke Universiteit LeuvenBelgium

Personalised recommendations