Related Key Attacks on Reduced Round KASUMI

  • Mark Blunden
  • Adrian Escott
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2355)


This paper describes related key attacks on five and six round KASUMI. The five round attack requires the encryption of approximately 219 chosen plaintext pairs X and X* under keys K and K* respectively where K and K* differ in only one bit, and requires a maximum of a little over 233 trials to recover the entire key. The six round attack requires a smaller number of chosen plaintext encryptions than the five round attack, and recovers the entire key in a maximum of 2112 trials.


  1. 1.
    S. Babbage, ”Design of Security Algorithms for Third Generation Mobile Telephony.” In Information Security Technical Report (Elsevier), (5), 2000.Google Scholar
  2. 2.
    E. Biham, ”New Types of Cryptanalytic Attacks Using Related Keys.” In Advances in Cryptology-EUROCRYPT’ 93, Lecture Notes in Computer Science (LNCS 765), Springer-Verlag, 1994.Google Scholar
  3. 3.
    E. Biham and A. Shamir, ”Differential Cryptanalysis of DES-like Cryptosystems.” In Journal of Cryptology, (4), 1991.Google Scholar
  4. 4.
  5. 5.
    J. Kelsey, B. Schneier and D. Wagner, ”Key-Schedule Cryptanalysis of IDEA, GDES, GOST, SAFER and Triple-DES.” In Advances in Cryptology-CRYPTO’ 96, Lecture Notes in Computer Science (LNCS 1109), Springer-Verlag, 1996.CrossRefGoogle Scholar
  6. 6.
    L. Knudsen, ”Cryptanalysis of LOKI91.” In Advances in Cryptology-AUSCRYPT’ 92, Lecture Notes in Computer Science (LNCS 718), Springer-Verlag, 1994.Google Scholar
  7. 7.
    M. Matsui, ”New Block Encryption Algorithm MISTY.” In Fast Software Encryption: 4th International Workshop, Lecture Notes in Computer Science (LNCS 1267), Springer-Verlag, 1997.CrossRefGoogle Scholar
  8. 8.
    K. Nyberg, ”Linear Approximation of Block Ciphers.” In Advances in Cryptology-EUROCRYPT’ 94, Lecture Notes in Computer Science (LNCS 950), Springer-Verlag, 1995.Google Scholar
  9. 9.
    K. Nyberg and L. Knudsen, ”Provable Security Against a Differential Attack.” In Journal of Cryptology, (8), 1995.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Mark Blunden
    • 1
  • Adrian Escott
    • 2
  1. 1.Serco TechnologyUK
  2. 2.Hutchison 3GUK

Personalised recommendations