---------------------------------------------------------------------***--------------------------------------------------------------------Abstract The emerging need of the secure ciphers has lead to the designing and analysis of many lightweight block ciphers. In this respect, many lightweight block ciphers have been designed, of which is simple AES, one of the popular proposed secure block c...

Impossible differential cryptanalysis has shown to be a very powerful form of cryptanalysis against block ciphers. These attacks, even if extensively used, remain not fully understood because of their high technicality. Indeed, numerous are the applications where mistakes have been discovered or where the attacks lack optimality. This paper aims in a first step at formalizing and improving this...

Impossible differential attacks are among the most powerful forms of cryptanalysis against block ciphers. We present in this paper an in-depth complexity analysis of these attacks. We show an unified way to mount such attacks and provide generic formulas for estimating their time and data complexities. LBlock is a well studied lightweight block cipher with respect to impossible differential att...

Camellia is one of the widely used block ciphers, which has been selected as an international standard by ISO/IEC. In this paper, by exploiting some interesting properties of the key-dependent layer, we improve previous results on impossible differential cryptanalysis of reduced-round Camellia and gain some new observations. First, we introduce some new 7-round impossible differentials of Camel...

This paper studies the search for the impossible differentials of E2. We apply the Shrinking technique, the miss-in-the-middle technique, and a new search algorithm to E2. As a result, no impossible differential is found for E2 with more than 5 rounds. We conclude that E2 is secure against cryptanalysis using impossible differentials derived by the currently known techniques.

Finding the longest impossible differentials is an essential assignment in proceeding impossible differential cryptanalysis. In this paper, we introduce a novel tool to search the longest truncated impossible differentials for word-oriented block ciphers with bijective S-boxes. It costs polynomial time to return a flag indicating whether a truncated differential is impossible under several filt...

Kiasu-BC is a tweakable block cipher proposed by Jean et al. at ASIACRYPT 2014 alongside their TWEAKEY framework. The cipher is almost identical to the AES-128 except for the tweak, which renders it an attractive primitive for various modes of operation and applications requiring tweakable block ciphers. Therefore, studying how the additional tweak input affects security compared to that of the...

We introduce subspace trail cryptanalysis, a generalization of invariant subspace cryptanalysis. With this more generic treatment of subspaces we do no longer rely on specific choices of round constants or subkeys, and the resulting method is as such a potentially more powerful attack vector. Interestingly, subspace trail cryptanalysis in fact includes techniques based on impossible or truncate...

In June 2013 the U.S. National Security Agency proposed two families of ultra-lightweight block ciphers, called Simon and Speck. In this paper we present the first cryptanalysis of round-reduced versions of Simon. We mount differential distinguishers and key-recovery attacks on up to 14/32, 17/36, 21/44, 26/54, and 32/72 rounds, for the 32-, 48-, 64-, 96-, and 128-bit versions, respectively. Fu...

Camellia is one of the most worldwide used block ciphers, which has been selected as a standard by ISO/IEC. In this paper, we propose several new 7-round impossible differentials of Camellia with 2 FL/FL−1 layers, which turn out to be the first 7-round impossible differentials with 2 FL/FL−1 layers. Combined with some basic techniques including the early abort approach and the key schedule cons...