Type: Conference Paper
New results on impossible differential cryptanalysis of reduced-round camellia-128
Journal: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (03029743)Year: 2009Volume: 5867Issue: Pages: 281 - 294
DOI:10.1007/978-3-642-05445-7_18Language: English
Abstract
Camellia, a 128-bit block cipher which has been accepted by ISO/IEC as an international standard, is increasingly being used in many cryptographic applications. In this paper, using the redundancy in the key schedule and accelerating the filtration of wrong pairs, we present a new impossible differential attack to reduced-round Camellia. By this attack 12-round Camellia-128 without FL/FL - 1 functions and whitening is breakable with a total complexity of about 2116.6 encryptions and 2 116.3 chosen plaintexts. In terms of the numbers of the attacked rounds, our attack is better than any previously known attack on Camellia-128. © 2009 Springer-Verlag Berlin Heidelberg.