International Association
for Cryptologic Research

NOEKEON is a block cipher having key-size 128 and block size 128,proposed by Daemen, J et al.Shekh Faisal

Abdul-Latip et al. give a side channel attack(under the single bit leakage model) on the cipher at ISPEC 2010.Their

analysis shows that one can recover the 128-bit key of the cipher, by considering a one-bit information leakage from

the internal state after the second round, with time complexity of O(2^68) evaluations of the cipher, and data complexity

of about 2^10 chosen plaintexts.Our side channel attack improves upon the previous work of Shekh Faisal Abdul-Latip

et al. from two aspects. First, we use the Hamming weight leakage model(Suppose the Hamming weight of the lower

64 bits and the higher 64 bits of the output of the first round can be obtained without error) which is a more relaxed

leakage assumption, supported by many previously known practical results on side channel attacks, compared to the

more challenging leakage assumption that the adversary has access to the \"exact\" value of the internal state bits as

used by Shekh Faisal Abdul-Latip et al. Second, our attack has also a reduced complexity compared to that of Shekh

Faisal Abdul-Latip et al. Namely, our attack of recovering the 128-bit key of NOEKEON has a time complexity 20.1

seconds on a PC with 2.6 GHZ CPU and 8G RAM and data complexity of 99 known plaintexts; whereas, that of

Shekh Faisal Abdul-Latip et al. has time complexity of O(2^68) and needs about 2^10 chosen plaintexts.