This paper presents the first 13-round impossible differential cryptanalysis of MIBS-80. First, plaintexts are filtered using the impossible differentials of the MIBS-80 S-box. Second, the number of plaintexts is further reduced by exploiting the constraints between the first-round and second-round keys, and between the first-round and 13th-round keys. In total, $2^{18.2}$ times as many plaintexts are eliminated as in previous impossible differential attacks, which saves both time and memory complexity. In addition, the key bits needed in the attack are obtained by looking up various tables, which further reduces the time and memory complexity. Finally, 80 independent key bits are used to recover the main key, which ensures that only the right key is kept. The presented attack needs $2^{60.1}$ chosen plaintexts, $2^{69.5}$ 13-round encryptions and $2^{71.2}$ 64-bit blocks, which is the best result of an impossible differential attack on MIBS so far.