MARS Attacks! Preliminary Cryptanalysis of Reduced-Round MARS Variants
نویسندگان
چکیده
In this paper, we discuss ways to attack various reducedround variants of MARS. We consider cryptanalysis of two reducedround variants of MARS: MARS with the full mixing layers but fewer core rounds, and MARS with each of the four kinds of rounds reduced by the same amount. We develop some new techniques for attacking both of these MARS variants. Our best attacks break MARS with full mixing and five core rounds (21 rounds total), and MARS symmetrically reduced to twelve rounds (3 of each kind of round).
منابع مشابه
Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent
We introduce a new cryptanalytic technique based on Wagner’s boomerang and inside-out attacks. We first describe this new attack in terms of the original boomerang attack, and then demonstrate its use on reduced-round variants of the MARS core and Serpent. Our attack breaks eleven rounds of the MARS core with 2 chosen plaintexts, 2 memory, and 2 partial decryptions. Our attack breaks eight roun...
متن کاملAnalysis of MARS
This report presents the results of a limited evaluation of the block cipher MARS. No important weaknesses or flaws were found on MARS. The round function of MARS looks simple but is relatively complex to analyse because of the different natures of the involved components. MARS is an iterated cipher which runs in 32 rounds, but the rounds are not of the same type, which is somewhat unusual. The...
متن کاملImpossible Differential Cryptanalysis of Reduced-Round Midori64 Block Cipher (Extended Version)
Impossible differential attack is a well-known mean to examine robustness of block ciphers. Using impossible differ- ential cryptanalysis, we analyze security of a family of lightweight block ciphers, named Midori, that are designed considering low energy consumption. Midori state size can be either 64 bits for Midori64 or 128 bits for Midori128; however, both vers...
متن کاملImpossible Differential Cryptanalysis on Deoxys-BC-256
Deoxys is a final-round candidate of the CAESAR competition. Deoxys is built upon an internal tweakable block cipher Deoxys-BC, where in addition to the plaintext and key, it takes an extra non-secret input called a tweak. This paper presents the first impossible differential cryptanalysis of Deoxys-BC-256 which is used in Deoxys as an internal tweakable block cipher. First, we find a 4.5-round...
متن کاملCryptanalysis of some first round CAESAR candidates
ΑΕS _ CMCCv₁, ΑVΑLΑNCHEv₁, CLΟCv₁, and SILCv₁ are four candidates of the first round of CAESAR. CLΟCv₁ is presented in FSE 2014 and SILCv₁ is designed upon it with the aim of optimizing the hardware implementation cost. In this paper, structural weaknesses of these candidates are studied. We present distinguishing attacks against ΑES _ CMCCv₁ with the complexity of two queries and the success ...
متن کامل