Low probability differentials and the cryptanalysis of full-round CLEFIA-128

Emami, Sareh, Ling, San, Nikolić, Ivica, Pieprzyk, Josef, & Wang, Huaxiong (2014) Low probability differentials and the cryptanalysis of full-round CLEFIA-128. Lecture Notes in Computer Science [Proceedings of the 20th International Conference on the Theory and Application of Cryptology and Information Security], 8873, pp. 141-157.

View at publisher


So far, low probability differentials for the key schedule of block ciphers have been used as a straightforward proof of security against related-key differential analysis. To achieve resistance, it is believed that for cipher with k-bit key it suffices the upper bound on the probability to be 2− k . Surprisingly, we show that this reasonable assumption is incorrect, and the probability should be (much) lower than 2− k . Our counter example is a related-key differential analysis of the well established block cipher CLEFIA-128. We show that although the key schedule of CLEFIA-128 prevents differentials with a probability higher than 2− 128, the linear part of the key schedule that produces the round keys, and the Feistel structure of the cipher, allow to exploit particularly chosen differentials with a probability as low as 2− 128. CLEFIA-128 has 214 such differentials, which translate to 214 pairs of weak keys. The probability of each differential is too low, but the weak keys have a special structure which allows with a divide-and-conquer approach to gain an advantage of 27 over generic analysis. We exploit the advantage and give a membership test for the weak-key class and provide analysis of the hashing modes. The proposed analysis has been tested with computer experiments on small-scale variants of CLEFIA-128. Our results do not threaten the practical use of CLEFIA.

Impact and interest:

1 citations in Scopus
1 citations in Web of Science®
Search Google Scholar™

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

66 since deposited on 11 Mar 2015
25 in the past twelve months

Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 82452
Item Type: Journal Article
Refereed: Yes
Additional Information: Advances in Cryptology – ASIACRYPT 2014 : 20th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, Taiwan, R.O.C., December 7-11, 2014. Proceedings, Part I. Print ISBN 978-3-662-45610-1
Keywords: CLEFIA, Cryptanalysis, Weak keys, CRYPTREC, Differentials
DOI: 10.1007/978-3-662-45611-8_8
ISSN: 0302-9743
Divisions: Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2014 International Association for Cryptologic Research
Copyright Statement: The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-662-45611-8_8
Deposited On: 11 Mar 2015 23:18
Last Modified: 03 Jul 2017 11:51

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page