New Observation on Camellia

  • Duo Lei
  • Li Chao
  • Keqin Feng
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3897)


In this paper, some observations on Camellia are presented, by which the Square attack and the Collision attack are improved. 11-round 256-bit Camellia without FL function is breakable with complexity of 2250 encryptions. 9-round 128-bit Camellia without FL function is breakable with the complexity of 290 encryptions. And 10-round 256-bit Camellia with FL function is breakable with the complexity of 2210 encryptions and 9-round 128-bit Camellia with FL function is breakable with the complexity of 2122 encryptions. These results are better than any other known results. It concludes that the most efficient attack on Camellia is Square attack.


Block Cipher Advance Encryption Standard Round Function Collision Attack Figure Illustration 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Camellia: A 128-Bit Block Cipher Suitable for Multiple Platforms - Design and Analysis. In: Ito, T., Abadi, M. (eds.) TACS 1997. LNCS, vol. 1281, pp. 39–56. Springer, Heidelberg (1997)Google Scholar
  2. 2.
    He, Y., Qing, S.: Square Attack on Reduced Camellia Cipher. In: Qing, S., Okamoto, T., Zhou, J. (eds.) ICICS 2001. LNCS, vol. 2229, pp. 238–245. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Yeom, Y., Park, S., Kim, I.: On the security of CAMELLIA against the square attack. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 89–99. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  4. 4.
    Kanda, M., Matsumoto, T.: Security of Camellia against Truncated Differential Cryptanalysis. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 286–299. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Lee, S., Hong, S., Lee, S., Lim, J., Yoon, S.: Truncated Differential Cryptanalysis of Camellia. In: Kim, K.-c. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 32–38. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  6. 6.
    Sugita, M., Kobara, K., Imai, H.: Security of Reduced Version of the Block Cipher Camellia against Truncated and Impossible Differential Cryptanalysis. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 193–207. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  7. 7.
    Kawabata, T., Kaneko, T.: A Study on Higher Order Differential Attack of Camellia. In: The 2nd open NESSIE workshop (2001)Google Scholar
  8. 8.
    Daemen, J., Knudsen, L.R., Rijmen, V.: The Block Cipher SQUARE. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149–165. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  9. 9.
    Hatano, Y., Sekine, H., Kaneko, T.: Higher order differential attack of (II). In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 129–146. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. 10.
    Wu, W.L., Feng, F.D.G.: Collision attack on reduced-round Camellia. Science in China Series F-Information Sciences 48(1), 78–90 (2005)MathSciNetCrossRefMATHGoogle Scholar
  11. 11.
    Daemen, J., Rijmen, V.: The Design of Rijndael, AES - The Advanced Encryption Standard, p. 238. Springer, Heidelberg (2002)MATHGoogle Scholar
  12. 12.
    Ferguson, N., Kelsey, J., Lucks, S., Schneier, B., Stay, M., Wagner, D., Whiting, D.L.: Improved Cryptanalysis of Rijndael Whiting. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 213–230. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Duo Lei
    • 1
  • Li Chao
    • 1
  • Keqin Feng
    • 2
  1. 1.Department of ScienceNational University of Defense TechnologyChangshaChina
  2. 2.Department of MathTsinghua UniversityBeijingChina

Personalised recommendations