Generic Attacks on Misty Schemes
Misty schemes are classic cryptographic schemes used to construct pseudo-random permutations from 2n bits to 2n bits by using d pseudo-random permutations from n bits to n bits. These d permutations will be called the “internal” permutations, and d is the number of rounds of the Misty scheme. Misty schemes are important from a practical point of view since for example, the Kasumi algorithm based on Misty schemes has been adopted as the standard block cipher in the third generation mobile systems. In this paper we describe the best known “generic” attacks on Misty schemes, i.e. attacks when the internal permutations do not have special properties, or are randomly chosen. We describe known plaintext attacks (KPA), non-adaptive chosen plaintext attacks (CPA-1) and adaptive chosen plaintext and ciphertext attacks (CPCA-2) against these schemes. Some of these attacks were previously known, some are new. When d = 5 rounds, it is shown in  that a CPA-1 exists with complexity 2 n . We will present completely different attacks with d = 5 and the same complexity. We will also present new attacks for d ≤ 4 and d ≥ 6. For d ≥ 6 the complexity will be greater than 22n , so these attacks will be useful only when the number of rounds d is small.
KeywordsMisty permutations pseudo-random permutations generic attacks on encryption schemes Block ciphers
Unable to display preview. Download preview PDF.
- 1.Personal Anonymous CommunicationGoogle Scholar
- 2.Specification of the 3GPP Confidentiality and Integrity Algorithm KASUMI, http://www.etsi.org/
- 3.Aiello, W., Venkatesan, R.: Foiling Birthday Attacks in Length-Doubling Transformations - Benes: A Non-Reversible Alternative to Feistel. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 307–320. Springer, Heidelberg (1996)Google Scholar
- 4.Coppersmith, D.: Luby-Rackoff: Four Rounds is not enough. Technical report, Technical Report RC20674, IBM Research Report (December 1996)Google Scholar
- 7.Lai, X., Massey, J.L.: A Proposal for a New Block Encrytption Standard. In: Damgård, I. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 389–404. Springer, Heidelberg (1991)Google Scholar
- 11.Patarin, J.: Security of Random Feistel Schemes with 5 or more rounds. In: Franklin, M.K. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 106–122. Springer, Heidelberg (2004)Google Scholar
- 16.Sakurai, K., Zheng, Y.: On Non-Pseudorandomness from Block Ciphers with Provable Immunity Against Linear Cryptanalysis. IEICE Trans. Fundamentals E80-A(1) (January 1997) Google Scholar
- 17.Sugita, M.: Pseudorandomness of a Block Cipher MISTY. Technical report, Technical Report of IEIECE, ISEC 96-9Google Scholar
- 18.Sugita, M.: Pseudorandomness of a Block Cipher with Recursive Strictures. Technical report, Technical Report of IEIECE, ISEC 97-9Google Scholar