Impossible Differential Cryptanalysis of Zodiac
We discuss the impossible differential cryptanalysis of the block cipher Zodiac . The main design principles of Zodiac are simplicity and efficiency. However the diffusion layer in its round function is too simple to offer enough security. An impossible differential cryptanalysis is a proper method to attack the weakness of Zodiac. Our attack using two 14-round impossible characteristics derives 128-bit master key of the full 16-round Zodiac with its complexity 2119 encryption times faster than the exhaustive search. The efficiency of the attack compared with exhaustive search increases as the key size increases.
- 2.E. Biham, A. Biryukov, and A. Shamir, Cryptanalysis of skipjack reduced to 31 rounds using impossible differentials, Advances in Cryptology — EUROCRYPT’99, LNCS 1592, Springer-Verlag, 1999, pp. 12–23.Google Scholar
- 3.E. Biham and A. Shamir, Differential cryptanalysis of DES-like cryptosystems, Advances in Cryptology — CRYPTO’90, LNCS 537, Springer-Verlag, 1991, pp. 2–21.Google Scholar
- 5.L. R. Knudsen, Truncated and Higher Order Differential, Fast Software Encryption Workshop 94, LNCS 1008, pp. 229–236, Springer-Verlag, 1995.Google Scholar
- 6.L. R. Knudsen and T. Jakobsen, The Interpolation Attack on Block Ciphers, Fast Software Encryption Workshop 97, LNCS 1267, pp. 28–40, Springer-Verlag, 1997.Google Scholar
- 7.ChangHyi Lee, KyungHwa Jun, MinSuk Jung, SangBae Park, and JongDeok Kim, Zodiac Version 1.0(revised) Architecture and Specification, Standardization Workshop on Information Security Technology 2000, Korean Contribution on MP18033, ISO/IEC JTC1/SC27 N2563, 2000, Available at the KISA’s web page, http://www.kisa.or.kr/seed/index.html.
- 10.A. Shimizu and S. Miyaguchi, Fast Data Encipherment Algorithm FEAL, Advances in Cryptology — EUROCRYPT’87, LNCS 304, pp. 267–278, Springer-Verlag, 1988.Google Scholar