Advertisement

Attack on Six Rounds of CRYPTON

  • Carl D’Halluin
  • Gert Bijnens
  • Vincent Rijmen
  • Bart Preneel
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1636)

Abstract

In this paper we present an attack on a reduced round version of Crypton. The attack is based on the dedicated Square attack. We explain why the attack also works on Crypton and prove that the entire 256-bit user key for 6 rounds of Crypton can be recovered with a complexity of 256 encryptions, whereas for Srypton 272 encryptions are required to recover the 128-bit user key.

References

  1. 1.
    J. Borst, “Weak keys of Crypton,” technical comment submitted to NIST.Google Scholar
  2. 2.
    J. Daemen, L. Knudsen and V. Rijmen, “The block cipher Square,” Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 149–165.Google Scholar
  3. 3.
    Lim, “CRYPTON: A New 128-bit Block Cipher,” available from [5].Google Scholar
  4. 4.
    Lim, “Specification and Analysis of Crypton Version 1.0,” FSE’ 99, these proceedings.Google Scholar
  5. 6.
    S. Vaudenay, “Weak keys in Crypton,” announcement on NIST’s electronic AES forum, cf. [5].Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Carl D’Halluin
    • 1
  • Gert Bijnens
    • 1
  • Vincent Rijmen
    • 1
  • Bart Preneel
    • 1
  1. 1.Katholieke Universiteit Leuven, ESAT-COSICHeverleeBelgium

Personalised recommendations