Impossible-Differential and Boomerang Cryptanalysis of Round-Reduced Kiasu-BC

  • Christoph DobraunigEmail author
  • Eik List
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10159)


Kiasu-BC is a tweakable block cipher proposed by Jean et al. at ASIACRYPT 2014 alongside their TWEAKEY framework. The cipher is almost identical to the AES-128 except for the tweak, which renders it an attractive primitive for various modes of operation and applications requiring tweakable block ciphers. Therefore, studying how the additional tweak input affects security compared to that of the AES is highly valuable to gain trust in future instantiations.

This work proposes impossible-differential and boomerang attacks on eight rounds of Kiasu-BC in the single-key model, using the core idea that the tweak input allows to construct local collisions. While our results do not threat the security of the full-round version, they help concretize the security of Kiasu-BC in the single-key model.


Symmetric-key cryptography Cryptanalysis Tweakable block cipher 



The authors thank Ralph Ankele, Christof Beierle, and Maria Eichlseder for the fruitful discussions at the DISC workshop in March 2016 at Bochum, and the reviewers for their helpful comments.


  1. 1.
    Abdelkhalek, A., Tolba, M., Youssef, A.M.: Impossible Differential Cryptanalysis of 8-round Kiasu-BC (2016, to appear)Google Scholar
  2. 2.
    Bahrak, B., Aref, M.R.: Impossible differential attack on seven-round AES-128. IET Inform. Secur. 2(2), 28–32 (2008)CrossRefGoogle Scholar
  3. 3.
    Bogdanov, A., Chang, D., Ghosh, M., Sanadhya, S.K.: Bicliques with minimal data and time complexity for AES. In: Lee, J., Kim, J. (eds.) ICISC 2014. LNCS, vol. 8949, pp. 160–174. Springer, Cham (2015). doi: 10.1007/978-3-319-15943-0_10 Google Scholar
  4. 4.
    Boura, C., Naya-Plasencia, M., Suder, V.: Scrutinizing and improving impossible differential attacks: applications to CLEFIA, Camellia, LBlock and Simon. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 179–199. Springer, Berlin (2014). doi: 10.1007/978-3-662-45611-8_10 Google Scholar
  5. 5.
    Canteaut, A., Naya-Plasencia, M., Vayssière, B.: Sieve-in-the-middle: improved MITM attacks. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 222–240. Springer, Berlin (2013). doi: 10.1007/978-3-642-40041-4_13 CrossRefGoogle Scholar
  6. 6.
    Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Springer, New York (2002)CrossRefzbMATHGoogle Scholar
  7. 7.
    Derbez, P., Fouque, P.-A., Jean, J.: Improved key recovery attacks on reduced-round AES in the single-key setting. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 371–387. Springer, Berlin (2013). doi: 10.1007/978-3-642-38348-9_23 CrossRefGoogle Scholar
  8. 8.
    Dobraunig, C., Eichlseder, M., Mendel, F.: Square attack on 7-round Kiasu-BC. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 500–517. Springer, Cham (2016). doi: 10.1007/978-3-319-39555-5_27 CrossRefGoogle Scholar
  9. 9.
    Dobraunig, C., List, E.: Impossible-differential and boomerang cryptanalysis of round-reduced KIASU-BC. Cryptology ePrint Archive (2016)Google Scholar
  10. 10.
    Ferguson, N., Kelsey, J., Lucks, S., Schneier, B., Stay, M., Wagner, D., Whiting, D.: Improved cryptanalysis of Rijndael. In: Goos, G., Hartmanis, J., Leeuwen, J., Schneier, B. (eds.) FSE 2000. LNCS, vol. 1978, pp. 213–230. Springer, Berlin (2001). doi: 10.1007/3-540-44706-7_15 CrossRefGoogle Scholar
  11. 11.
    Ferguson, N., Lucks, S., Schneier, B., Whiting, D., Bellare, M., Kohno, T., Callas, J., Walker, J.: The Skein Hash Function Family. Submission to NIST (Round 3) (2010)Google Scholar
  12. 12.
    Jean, J., Nikolić, I., Peyrin, T.: KIASU v1.1. First-round submission to the CAESAR competition (2014).
  13. 13.
    Jean, J., Nikolić, I., Peyrin, T.: Tweaks and keys for block ciphers: the \(\mathtt{{TWEAKEY}}\) framework. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 274–288. Springer, Berlin (2014). doi: 10.1007/978-3-662-45608-8_15 Google Scholar
  14. 14.
    Krovetz, T., Rogaway, P.: The software performance of authenticated-encryption modes. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 306–327. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  15. 15.
    Liskov, M., Rivest, R.L., Wagner, D.: Tweakable Block Ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31–46. Springer, Heidelberg (2002)Google Scholar
  16. 16.
    Lu, J., Dunkelman, O., Keller, N., Kim, J.: New impossible differential attacks on AES. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 279–293. Springer, Berlin (2008). doi: 10.1007/978-3-540-89754-5_22 CrossRefGoogle Scholar
  17. 17.
    Mala, H., Dakhilalian, M., Rijmen, V., Modarres-Hashemi, M.: Improved impossible differential cryptanalysis of 7-Round AES-128. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 282–291. Springer, Berlin (2010). doi: 10.1007/978-3-642-17401-8_20 CrossRefGoogle Scholar
  18. 18.
    Minematsu, K.: Building blockcipher from small-block tweakable blockcipher. Des. Code Cryptogr. 74(3), 645–663 (2015)MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    Murphy, S.: The return of the cryptographic boomerang. IEEE Trans. Inform. Theory 57(4), 2517–2521 (2011)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Naito, Y.: Full PRF-secure message authentication code based on tweakable block cipher. In: Au, M.-H., Miyaji, A. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 167–182. Springer, Cham (2015). doi: 10.1007/978-3-319-26059-4_9 Google Scholar
  21. 21.
    National Institute of Standards and Technology: FIPS 197. National Institute of Standards and Technology, November, pp. 1–51 (2001)Google Scholar
  22. 22.
    Peyrin, T., Seurin, Y.: Counter-in-tweak: authenticated encryption modes for tweakable block ciphers. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 33–63. Springer, Berlin (2016). doi: 10.1007/978-3-662-53018-4_2 CrossRefGoogle Scholar
  23. 23.
    Schroeppel, R., Orman, H.: The hasty pudding cipher. AES candidate submitted to NIST (1998)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Graz University of TechnologyGrazAustria
  2. 2.Bauhaus-Universität WeimarWeimarGermany

Personalised recommendations