Related-key attacks on DDP based ciphers: CIKS-128 and CIKS-128H

Youngdai Ko; Changhoon Lee; Seokhie Hong; Jaechul Sung; Sangjin Lee

doi:10.1007/978-3-540-30556-9_16

Related-key attacks on DDP based ciphers: CIKS-128 and CIKS-128H

Youngdai Ko, Changhoon Lee, Seokhie Hong, Jaechul Sung, Sangjin Lee

Research output: Contribution to journal › Article › peer-review

20 Citations (Scopus)

Abstract

CIKS-128 and CIKS-128H are 128-bit block ciphers with a 256-bit key sizes based on data-dependent operations, respectively. They are also fast hardware-oriented ciphers and improvements of block cipher CIKS-1 introduced in [14]. This paper presents related-key differential attacks on full-round CIKS-128 and CIKS-128H. In result, using full-round related-key differential characteristics with probability 2^-36 and 2^-35.4, these attacks can recover the partial subkey bits for CIKS-128 and CIKS-128H with about 2⁴⁰ plaintexts, respectively. These works suggests that the greatest possible care has to be taken when proposing improvements of the existing block ciphers.

Original language	English
Pages (from-to)	191-205
Number of pages	15
Journal	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	3348
DOIs	https://doi.org/10.1007/978-3-540-30556-9_16
Publication status	Published - 2004

Keywords

Block Cipher
CIKS-128
CIKS-128H
Data-Dependent Operation
Related-Key Differential Attack

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/978-3-540-30556-9_16

Cite this

@article{5b0d7c352ffc4480946fbeb61246b0c3,

title = "Related-key attacks on DDP based ciphers: CIKS-128 and CIKS-128H",

abstract = "CIKS-128 and CIKS-128H are 128-bit block ciphers with a 256-bit key sizes based on data-dependent operations, respectively. They are also fast hardware-oriented ciphers and improvements of block cipher CIKS-1 introduced in [14]. This paper presents related-key differential attacks on full-round CIKS-128 and CIKS-128H. In result, using full-round related-key differential characteristics with probability 2-36 and 2-35.4, these attacks can recover the partial subkey bits for CIKS-128 and CIKS-128H with about 240 plaintexts, respectively. These works suggests that the greatest possible care has to be taken when proposing improvements of the existing block ciphers.",

keywords = "Block Cipher, CIKS-128, CIKS-128H, Data-Dependent Operation, Related-Key Differential Attack",

author = "Youngdai Ko and Changhoon Lee and Seokhie Hong and Jaechul Sung and Sangjin Lee",

year = "2004",

doi = "10.1007/978-3-540-30556-9_16",

language = "English",

volume = "3348",

pages = "191--205",

journal = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

issn = "0302-9743",

publisher = "Springer Verlag",

}

TY - JOUR

T1 - Related-key attacks on DDP based ciphers

T2 - CIKS-128 and CIKS-128H

AU - Ko, Youngdai

AU - Lee, Changhoon

AU - Hong, Seokhie

AU - Sung, Jaechul

AU - Lee, Sangjin

PY - 2004

Y1 - 2004

N2 - CIKS-128 and CIKS-128H are 128-bit block ciphers with a 256-bit key sizes based on data-dependent operations, respectively. They are also fast hardware-oriented ciphers and improvements of block cipher CIKS-1 introduced in [14]. This paper presents related-key differential attacks on full-round CIKS-128 and CIKS-128H. In result, using full-round related-key differential characteristics with probability 2-36 and 2-35.4, these attacks can recover the partial subkey bits for CIKS-128 and CIKS-128H with about 240 plaintexts, respectively. These works suggests that the greatest possible care has to be taken when proposing improvements of the existing block ciphers.

AB - CIKS-128 and CIKS-128H are 128-bit block ciphers with a 256-bit key sizes based on data-dependent operations, respectively. They are also fast hardware-oriented ciphers and improvements of block cipher CIKS-1 introduced in [14]. This paper presents related-key differential attacks on full-round CIKS-128 and CIKS-128H. In result, using full-round related-key differential characteristics with probability 2-36 and 2-35.4, these attacks can recover the partial subkey bits for CIKS-128 and CIKS-128H with about 240 plaintexts, respectively. These works suggests that the greatest possible care has to be taken when proposing improvements of the existing block ciphers.

KW - Block Cipher

KW - CIKS-128

KW - CIKS-128H

KW - Data-Dependent Operation

KW - Related-Key Differential Attack

UR - http://www.scopus.com/inward/record.url?scp=33646193691&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33646193691&partnerID=8YFLogxK

U2 - 10.1007/978-3-540-30556-9_16

DO - 10.1007/978-3-540-30556-9_16

M3 - Article

AN - SCOPUS:33646193691

VL - 3348

SP - 191

EP - 205

JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SN - 0302-9743

ER -

Related-key attacks on DDP based ciphers: CIKS-128 and CIKS-128H

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this