The Boomerang Attack

  • David Wagner
Conference paper

DOI: 10.1007/3-540-48519-8_12

Part of the Lecture Notes in Computer Science book series (LNCS, volume 1636)
Cite this paper as:
Wagner D. (1999) The Boomerang Attack. In: Knudsen L. (eds) Fast Software Encryption. FSE 1999. Lecture Notes in Computer Science, vol 1636. Springer, Berlin, Heidelberg


This paper describes a new differential-style attack, which we call the boomerang attack. This attack has several interesting applications. First, we disprove the oft-repeated claim that eliminating all high-probability differentials for the whole cipher is suffcient to guarantee security against differential attacks. Second, we show how to break COCONUT98, a cipher designed using decorrelation techniques to ensure provable security against differential attacks, with an advanced differential-style attack that needs just 216 adaptively chosen texts. Also, to illustrate the power of boomerang techniques, we give new attacks on Khufu-16, FEAL-6, and 16 rounds of CAST-256.

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • David Wagner
    • 1
  1. 1.U.C. Berkeley

Personalised recommendations