Open AccessWeak keys of the full MISTY1 block cipher for related‐key amplified boomerang cryptanalysis
Author(s) -
Lu Jiqiang,
Yap WunShe,
Wei Yongzhuang
Publication year - 2018
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/iet-ifs.2017.0173
Subject(s) - computer science , boomerang attack , block cipher , differential cryptanalysis , transposition cipher , two square cipher , running key cipher , cbc mac , slide attack , cipher , triple des , higher order differential cryptanalysis , stream cipher , linear cryptanalysis , theoretical computer science , computer security , arithmetic , cryptography , mathematics , encryption
The MISTY1 block cipher has a 64‐bit block size, a 128‐bit master key, and a total of 8 rounds. It is an ISO international standard, a Japanese CRYPTREC‐recommended e‐government cipher, and a European NESSIE selected cipher. In this study, the authors show another cryptographic weakness of the full MISTY1 cipher: they describe four classes of 2 90weak keys of the full MISTY1 cipher for a related‐key amplified boomerang attack that has a data complexity of 2 60.5chosen plaintexts and a time complexity of 2 87.33encryptions under each class of weak keys. The result shows that the MISTY1 cipher can be distinguishable from an ideal cipher in terms of related‐key amplified boomerang cryptanalysis, and users should be very careful when using MISTY1 for a full security in relevant application situations.