Differential and Linear Cryptanalysis are two most popular techniques that have been widely used to attacks block ciphers to reveal its weakness in substitution and permutation network. Most of the block ciphers which are resistant against Differential and Linear Cryptanalysis may not be immune to their latest extensions such as Impossible Differential Cryptanalysis (IDC) and Zero Correlation L...

Impossible differential cryptanalysis is a very popular tool for analyzing the security of modern block ciphers and the core of such attack is based on the existence of impossible differentials. Currently, most methods for finding impossible differentials are based on the miss-in-the-middle technique and they are very ad-hoc. In this paper, we concentrate SPN ciphers whose diffusion layer is de...

We introduce the notion of amplified side-channel attacks, i.e. the application of block cipher cryptanalysis techniques to amplify effects exploitable by side-channel attacks. Such an approach is advantageous since it fully exploits the special characteristics of each technique in situations where each thrives the most. As an example, we consider the integration of block cipher cryptanalysis t...

Impossible differential cryptanalysis has been proved to be one of the most powerful techniques to attack block ciphers. Based on the impossible differential paths, we can usually add several rounds before or after to launch the key recovery attack. Impossible differential cryptanalysis is powerful not only because the number of rounds it can break is very competitive compared to other attacks,...

Differentials with low probability are used in improbable differential cryptanalysis to distinguish a cipher from a random permutation. Due to large diffusion, finding such differentials for actual ciphers remains a challenging task. At Indocrypt 2010, Tezcan proposed a method to derive improbable differential distinguishers from impossible differential ones. In this paper, we discuss the valid...

As an ISO/IEC international standard, Camellia has been used various cryptographic applications. In this paper, we improve previous attacks on Camellia-192/256 with key-dependent layers FL/FL−1 by using the intrinsic weakness of keyed functions. Specifically, we present the first impossible differential attack on 13-round Camellia with 2121.6 chosen ciphertexts and 2189.9 13-round encryptions, ...

The generalized Feistel structure (GFS) is a generalized form of the classical Feistel cipher. A popular version of GFS, called TypeII, divides a message into k > 2 sub blocks and applies a (classical) Feistel transformation for every two sub blocks, and then performs a cyclic shift of k sub blocks. Type-II GFS has many desirable features for implementation. A drawback, however, is its low diff...

In this paper we apply impossible differential attacks to reduced round AES. Using various techniques, including the early abort approach and key schedule considerations, we significantly improve previously known attacks due to Bahrak-Aref and Phan. The improvement of these attacks leads to the best known impossible differential attacks on 7-round AES-128 and AES-192, as well as to the best kno...