Differential Cryptanalysis of TEA and XTEA
TEA and XTEA are simple block ciphers consisting of exclusive-or, addition, and shift. Although their round functions are very simple and guarantee a little security, large number of 64 rounds have made them secure enough. It seems that the best result for TEA is the related-key attack , but it is less reasonable than such attacks for one key as differential and linear attacks. Impossible differential attacks on 12-round TEA and 14-round XTEA are best results except for related-key attack . We suggest differential and truncated differential attacks on TEA and XTEA better than them. Our best results on TEA and XTEA are attacks on 17-round TEA and 23-round XTEA.
KeywordsBlock cipher TEA XTEA differential cryptanalysis truncated differential cryptanalysis
Unable to display preview. Download preview PDF.
- 1.Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991)Google Scholar
- 2.Hong, D., Ko, Y., Chang, D., Lee, W., Lim, J.: Differential Cryptanalysis of XTEA, Available on http://cist.korea.ac.kr/Tr/TR03-13.ps
- 4.Knudsen, L.R.: Truncated and Higher Order Differential. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 229–236. Springer, Heidelberg (1995)Google Scholar
- 6.Wheeler, D.J., Needham, R.M.: TEA, a Tiny Encryption Algorithm. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 97–110. Springer, Heidelberg (1995)Google Scholar
- 7.Needham, R.M., Wheeler, D.J.: eXtended Tiny Encryption Algorithm (October 1997), Available on http://vader.brad.ac.uk/tea/tea.shtml