New Truncated Differential Cryptanalysis on 3D Block Cipher

  • Takuma Koyama
  • Lei Wang
  • Yu Sasaki
  • Kazuo Sakiyama
  • Kazuo Ohta
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7232)


This paper presents 11- and 13-round key-recovery attacks on block cipher 3D with the truncated differential cryptanalysis, while the previous best key-recovery attack broke only 10 rounds with the impossible differential attack. 3D is an AES-based block cipher proposed at CANS 2008, which operates on 512-bit blocks and a 512-bit key, and consists of 22 rounds. It was previously believed that the truncated differential cryptanalysis could not extend the attack more than 5 rounds. However, by carefully analyzing the data processing part and key schedule function simultaneously, we show the attack to 11-round 3D with 2251 chosen plaintext (CP), 2288 computations, and 2128 memory. Additionally, the time complexity is improved up to 2113 by applying the early aborting technique. By utilizing the idea of neutral bit, we attack 13-round 3D with 2469 CP, 2308 computations, and 2128 memory.


3D block cipher key-recovery attack truncated differential cryptanalysis early aborting technique 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Barreto, P.S.L.M., Rijmen, V.: The ANUBIS Block Cipher. In: 1st NESSIE Workshop, Heverlee, Belgiunm (2000)Google Scholar
  2. 2.
    Biham, E., Chen, R.: Near-Collisions of SHA-0. In: Franklin, M.K. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 290–305. Springer, Heidelberg (2004)Google Scholar
  3. 3.
    Cramer, R. (ed.): EUROCRYPT 2005. LNCS, vol. 3494. Springer, Heidelberg (2005)zbMATHGoogle Scholar
  4. 4.
    Dong, L., Wu, W., Wu, S., Zou, J.: Known-Key Distinguisher on Round-Reduced 3D Block Cipher. In: Jung, S. (ed.) WISA 2011. LNCS, vol. 7115, pp. 55–69. Springer, Heidelberg (2011)Google Scholar
  5. 5.
    Knudsen, L.R.: DEAL -A 128-bit Block Cipher. Technical report no. 151, Department of Informatics, University of Bergen (1998),
  6. 6.
    Knudsen, L.R., Berson, T.A.: Truncated Differentials of SAFER. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 15–26. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  7. 7.
    Lu, J., Kim, J., Keller, N., Dunkelman, O.: Improving the Efficiency of Impossible Differential Cryptanalysis of Reduced Camellia and MISTY1. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 370–386. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  8. 8.
    Lu, J., Wei, Y., Kim, J., Fouque, P.A.: Cryptanalysis of Reduced Versions of the Camellia Block Cipher. In: SAC 2011 (2011) (to appear)Google Scholar
  9. 9.
    Matusiewicz, K., Naya-Plasencia, M., Nikolić, I., Sasaki, Y., Schläffer, M.: Rebound Attack on the Full Lane Compression Function. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 106–125. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  10. 10.
    Nakahara Jr., J.: 3D: A Three-Dimensional Block Cipher. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) CANS 2008. LNCS, vol. 5339, pp. 252–267. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Nakahara Jr, J.: New Impossible Differential and Known-Key Distinguishers for the 3D Cipher. In: Bao, F., Weng, J. (eds.) ISPEC 2011. LNCS, vol. 6672, pp. 208–221. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  12. 12.
    National Institute of Standards and Technology: Specification for the Advanced Encryption Standard (AES). In: Federal Information Processing Standards Publication 197 (2001),
  13. 13.
    Shoup, V. (ed.): CRYPTO 2005. LNCS, vol. 3621. Springer, Heidelberg (2005)zbMATHGoogle Scholar
  14. 14.
    Wang, X., Lai, X., Feng, D., Chen, H., Yu, X.: Cryptanalysis of the Hash Functions MD4 and RIPEMD. In: Cramer [3], pp. 1–18Google Scholar
  15. 15.
    Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the Full SHA-1. In: Shoup [13], pp. 17–36Google Scholar
  16. 16.
    Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer [3], pp. 19–35Google Scholar
  17. 17.
    Wang, X., Yu, H., Yin, Y.L.: Efficient Collision Search Attacks on SHA-0. In: Shoup [13], pp. 1–16Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Takuma Koyama
    • 1
  • Lei Wang
    • 1
  • Yu Sasaki
    • 2
  • Kazuo Sakiyama
    • 1
  • Kazuo Ohta
    • 1
  1. 1.The University of Electro-CommunicationsJapan
  2. 2.NTT Information Sharing Platform LaboratoriesNTT CorporationJapan

Personalised recommendations