International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News item: 16 November 2013

Yonglin Hao, Dongxia Bai
ePrint Report ePrint Report
The meet-in-the-middle (MITM) attack on AES is a great success.

In this paper, we apply the method to the lightweight SPN block cipher mCrypton.

We prove that the multiset technique used to analyze AES can not be applied directly to mCrypton due to the scarcity of information. As a solution, we replace the unordered multiset with the ordered sequence. We lower the memory requirement from $2^{100}$ to $2^{44}$ using the efficient differential enumeration technique.

Based on these modifications, we construct a MITM attack on 7-round mCrypton-64/96/128 with complexities

of $2^{44}$ 64-bit blocks and $2^{57}$ encryptions.

We further extend the attack to 8 and 9 rounds for mCrypton-128 by adding some key-bridging techniques. The 8-round attack requires $2^{44}$ blocks and $2^{96}$ encryptions while the 9-round attack needs $2^{120}$ blocks and $2^{116}$ encryptions.

Expand

Additional news items may be found on the IACR news page.