Related-Key Attacks on DDP Based Ciphers: CIKS-128 and CIKS-128H

  • Youngdai Ko
  • Changhoon Lee
  • Seokhie Hong
  • Jaechul Sung
  • Sangjin Lee
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3348)


CIKS-128 and CIKS-128H are 128-bit block ciphers with a 256-bit key sizes based on data-dependent operations, respectively. They are also fast hardware-oriented ciphers and improvements of block cipher CIKS-1 introduced in [14]. This paper presents related-key differential attacks on full-round CIKS-128 and CIKS-128H. In result, using full-round related-key differential characteristics with probability 2− − 36 and 2− − 35.4, these attacks can recover the partial subkey bits for CIKS-128 and CIKS-128H with about 240 plaintexts, respectively. These works suggests that the greatest possible care has to be taken when proposing improvements of the existing block ciphers.


CIKS-128 CIKS-128H Block Cipher Related-Key Differential Attack Data-Dependent Operation 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, Heidelberg (1993)MATHGoogle Scholar
  2. 2.
    Goots, N.D., Izotov, B.V., Moldovyan, A.A., Moldovyan, N.A.: Modern cryptography: Protect Your Data with Fast Block Ciphers. Wayne, A-LIST Publish. (2003)Google Scholar
  3. 3.
    Goots, N.D., Izotov, B.V., Moldovyan, A.A., Moldovyan, N.A.: Fast Ciphers for Cheap Hardware: Differential Analysis of SPECTR-H64. In: Gorodetsky, V., Popyack, L.J., Skormin, V.A. (eds.) MMM-ACNS 2003. LNCS, vol. 2776, pp. 449–452. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Goots, N.D., Moldovyan, A.A., Moldovyan, N.A.: Fast Encryption ALgorithm Spectr-H64. In: Gorodetski, V.I., Skormin, V.A., Popyack, L.J. (eds.) MMM-ACNS 2001. LNCS, vol. 2052, pp. 275–286. Springer, Heidelberg (2001)Google Scholar
  5. 5.
    Kelsey, J., Schneier, B., Wagner, D.: Key Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 237–251. Springer, Heidelberg (1996)Google Scholar
  6. 6.
    Kelsey, J., Schneier, B., Wagner, D.: Related-Key Cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA. In: Han, Y., Quing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 233–246. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  7. 7.
    Kim, J., Kim, G., Hong, S., Lee, S., Hong, D.: The Related-Key Rectangle Attack - Application to SHACAL-1. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 123–136. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  8. 8.
    Kim, J., Kim, G., Lee, S., Lim, J., Song, J.: Related-Key Attacks on Reduced Rounds of SHACAL-2. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 175–190. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Ko, Y., Hong, D., Hong, S., Lee, S., Lim, J.: Linear Cryptanalysis on SPECTR-H64 with Higher Order Differential Property. In: Gorodetsky, V., Popyack, L.J., Skormin, V.A. (eds.) MMM-ACNS 2003. LNCS, vol. 2776, pp. 298–307. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. 10.
    Ko, Y., Hong, S., Lee, W., Lee, S., Kang, S.: Related Key Differential Attacks on 27 Rounds of XTEA and Full-Round GOST. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 299–316. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  11. 11.
    Ko, Y., Lee, C., Hong, S., Lee, S.: Related Key Differential Cryptanalysis of Full-Round SPECTR-H64 and CIKS-1. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 137–148. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. 12.
    Lee, C., Hong, D., Lee, S., Lee, S., Yang, H., Lim, J.: A Chosen Plaintext Linear Attack on Block Cipher CIKS-1. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 456–468. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  13. 13.
    Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)Google Scholar
  14. 14.
    Moldovyan, A.A., Moldovyan, N.A.: A cipher Based on Data-Dependent Permutations. Journal of Cryptology 15(1), 61–72 (2002)CrossRefMathSciNetGoogle Scholar
  15. 15.
    Sklavos, N., Moldovyan, A.A., Koufopavlou, O.: Encryption and Data Dependent Permutations: Implementation Cost and Performance Evaluation. In: Gorodetsky, V., Popyack, L.J., Skormin, V.A. (eds.) MMM-ACNS 2003. LNCS, vol. 2776, pp. 337–348. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Sklavos, N., Moldovyan, N.A., Koufopavlou, O.: A New DDP-based Cipher CIKS-128H: Architecture, Design & VLSI Implementation Optimization of CBC-Encryption & Hashing over 1 GBPS. In: Proceedings of the 46th IEEE Midwest Symposium on Circuits & Systems, Cairo, Egypt, December 27–30 (2003)Google Scholar
  17. 17.
    Sklavos, N., Koufopavlou, O.: Data Dependent Rotations, a Trustworthy Approach for Future Encryption Systems/Ciphers: Low Cost and High Performance. Computers and Security, Elsevier Science Journal 22(7) (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Youngdai Ko
    • 1
  • Changhoon Lee
    • 2
  • Seokhie Hong
    • 2
  • Jaechul Sung
    • 3
  • Sangjin Lee
    • 2
  1. 1.Information Security TeamLG CNSSeoulKorea
  2. 2.Center for Information Security Technologies(CIST)Korea UniversitySeoulKorea
  3. 3.Department of MathematicsUniversity of SeoulSeoulKorea

Personalised recommendations