Related-Key Attacks on DDP Based Ciphers: CIKS-128 and CIKS-128H
- Cite this paper as:
- Ko Y., Lee C., Hong S., Sung J., Lee S. (2004) Related-Key Attacks on DDP Based Ciphers: CIKS-128 and CIKS-128H. In: Canteaut A., Viswanathan K. (eds) Progress in Cryptology - INDOCRYPT 2004. INDOCRYPT 2004. Lecture Notes in Computer Science, vol 3348. Springer, Berlin, Heidelberg
CIKS-128 and CIKS-128H are 128-bit block ciphers with a 256-bit key sizes based on data-dependent operations, respectively. They are also fast hardware-oriented ciphers and improvements of block cipher CIKS-1 introduced in . This paper presents related-key differential attacks on full-round CIKS-128 and CIKS-128H. In result, using full-round related-key differential characteristics with probability 2− − 36 and 2− − 35.4, these attacks can recover the partial subkey bits for CIKS-128 and CIKS-128H with about 240 plaintexts, respectively. These works suggests that the greatest possible care has to be taken when proposing improvements of the existing block ciphers.
KeywordsCIKS-128 CIKS-128H Block Cipher Related-Key Differential Attack Data-Dependent Operation
Unable to display preview. Download preview PDF.