Impossible Differential Cryptanalysis of ARIA

Abstract

Abstract: This paper studied the security of the block cipher ARIA against impossible differential cryptanalysis. By analyzing the property of the diffusion transformation, a new kind of nontrivial 6-round impossible differential was presented. Generally, considering the weigh of differential, these two different kinds of impossible differential structures and the count were proposed. Based on this, we can give out all the number of these two kinds 6-round impossible differential in theory. It is shown that, when guessing the input-and-output differential weight of 10, there are only two kinds of impossible differential and all of them can be used to attack the 6-round ARIA with the best result by now: the data complexity is 2120 chosen plaintexts, and the time complexity is 294.5 encryptions of 6-round ARIA.

Key words: cryptography, impossible differential cryptanalysis, ARIA block cipher, data complexity

CLC Number:

TN918.1

ZHANG Lei, GUO Jian-Sheng. Impossible Differential Cryptanalysis of ARIA[J]. Journal of Shanghai Jiaotong University, 2011, 45(07): 1063-1067.

References

［1］Daesung K, Jaesung K, Sangwoo P, et al. New block cipher: ARIA［C］//Information Security and Cryptology (ICISC 2003). LNCS 2971. Seoul: SpringerVerlag Press, 2003: 432445.

［2］李刚, 胡予濮, 李洁. 低轮ARIA的不可能差分［J］. 计算机研究与发展, 2006, 43(增刊): 244248.

LI Gang, HU Yupu, LI Jie. Impossible differential cryptanalysis on reduced ARIA［J］. Journal of Computer Research and Development, 2006, 43(Supl.): 244248.

［3］Wu W L, Zhang W T, Feng D G. Impossible differential cryptanalysis of reducedround ARIA and Camellia［J］. Journal of Computer Science and Technology, 2007, 22(3): 449456.

［4］Zhang P, Li R L, Sun B, et al. New impossible differential cryptanalysis of ARIA［EB/OL］. (2008)［20100801］. http://eprint.iacr.org/2008/227.

［5］李申华. 对称密码算法ARIA和Salsa20的安全性分析［D］. 济南: 山东大学数学与科学学院, 2008.

［6］Ewan F, Michael G, Stefan L. Attacking reduced rounds of the ARIA block cipher［EB/OL］. (2009)［20100801］. http://eprint,iacr.org/2009/334.

［7］Alex B, Christophe D, Joseph L, et al. Security and performance analysis of ARIA. Version 1.2［EB/OL］. (20030107)［20100801］.http://www.nsri.re.kr/ARIA/doc.

［8］Li Y J, Wu W L, Zhang L. Integral attacks on reducedround ARIA block cipher［C］//ISPEC 2010. LNCS 6047. Seoul: SpringerVerlag, 2010: 1929.

［9］Tang X H, Sun B, Li R L, et al. A meetinthemiddle attack on ARIA［EB/OL］. (2010)［20100801］. http: // www.eprint.org/2010/168.pdf.

［10］Kim J, Hong S, Sung J, et al. Impossible differential cryptanalysis for block cipher structures［C］//Indocrypt 2003. LNCS 2904. New Delhi: SpringerVerlag Press, 2003: 8296.

［11］吴文玲, 张蕾. 不可能差分密码分析研究进展［J］. 系统科学与数学, 2008, 28(8): 971983.

WU Wenling, ZHANG Lei. The stateoftheart of research on impossible differential cryptanalysis［J］. Journal of System Science and Mathematical Sciences, 2008, 28(8): 971983.

［12］Tsunoo Y, Tsujihara E， Shigeri M, et al. Impossible differential cryptanalysis of CLEFIA［C］//FSE 2008. LNCS 5086. Switzerland: SpringerVerlag Press, 2008: 289302.

[1]	NIU Zhihua, YUAN Can, KONG Deyu. A Hybrid Genetic Algorithm for Computing the k-Error Linear Complexity of Periodic Sequences [J]. Journal of Shanghai Jiaotong University, 2020, 54(6): 599-606.
[2]	JENG Fuh-gwoa (郑富国), LIN Kai-siangb (林恺翔), LIN Chih-hungc (林志鸿), CHEN Tzung-herb*(陈宗和). Visual Multi-Secret Sharing with Friendliness [J]. Journal of shanghai Jiaotong University (Science), 2014, 19(4): 455-465.
[3]	SUN Jin1,2,HU Yupu2. Fully Secure Anonymous Identity-Based Broadcast Encryption Scheme [J]. Journal of Shanghai Jiaotong University, 2013, 47(07): 1103-1108.
[4]	SHEN Zhong-hua (沈忠华), YU Xiu-yuan (于秀源) . Threshold Signature Scheme with Threshold Verification Based on Multivariate Linear Polynomial [J]. Journal of shanghai Jiaotong University (Science), 2011, 16(5): 551-556.
[5]	ZHANG Lei,CAO Zhenfu . An AttributeBased Encryption Scheme Suitable for Distributed Network [J]. Journal of Shanghai Jiaotong University, 2010, 44(11): 1507-1512.