Impossible boomerang attack [5] (IBA) is a new variant of differential cryptanalysis against block ciphers. Evident from its name, it combines the ideas of both impossible differential cryptanalysis and boomerang attack. Though such an attack might not be the best attack available, its complexity is still less than that of the exhaustive search. In impossible boomerang attack, impossible boomer...

1 Statistical attacks on block ciphers make use of a property of the cipher so that an incident occurs with different probabilities depending on whether the correct key is used or not. For instance, differential cryptanalysis [1] considers characteristics or differentials which show that a particular output difference should be obtained with a relatively high probability when a particular input...

The Advanced Encryption Standard (AES) is a 128-bit block cipher with a user key of 128, 192 or 256 bits, released by NIST in 2001 as the next-generation data encryption standard for use in the USA. It was adopted as an ISO international standard in 2005. Impossible differential cryptanalysis and the boomerang attack are powerful variants of differential cryptanalysis for analysing the security...

Impossible differential cryptanalysis has been proved to be one of the most powerful techniques to attack block ciphers. Based on the impossible differential paths, we can usually add several rounds before or after to launch the key recovery attack. Impossible differential cryptanalysis is powerful not only because the number of rounds it can break is very competitive compared to other attacks,...

At CRYPTO’16, Beierle et al. presented SKINNY, a family of lightweight tweakable block ciphers intended to compete with SIMON. SKINNY can be implemented efficiently in both softand hardware, possesses a SubstitutionPermutation-Network structure, and supports block sizes of 64 and 128 bits as well as key and tweak sizes of 64, 128, 192, and 256 bits. This paper outlines a related-tweakey impossi...

Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In ...

As an ISO/IEC international standard, Camellia has been used various cryptographic applications. In this paper, we improve previous attacks on Camellia-192/256 with key-dependent layers FL/FL−1 by using the intrinsic weakness of keyed functions. Specifically, we present the first impossible differential attack on 13-round Camellia with 2121.6 chosen ciphertexts and 2189.9 13-round encryptions, ...

In this paper, the impossible differential cryptanalysis is extended to MAC algorithms Pelican, MT-MAC and PC-MAC based on AES and 4-round AES. First, we collect message pairs that produce the inner near-collision with some specific differences by the birthday attack. Then the impossible differential attack on 4-round AES is implemented using a 3-round impossible differential property. For Peli...

In this paper we apply impossible differential attacks to reduced round AES. Using various techniques, including the early abort approach and key schedule considerations, we significantly improve previously known attacks due to Bahrak-Aref and Phan. The improvement of these attacks leads to the best known impossible differential attacks on 7-round AES-128 and AES-192, as well as to the best kno...