IACR News item: 10 February 2014
Anne Canteaut, Thomas Fuhr, Henri Gilbert, Maria Naya-Plasencia, Jean-René Reinhard
ePrint Reportcryptanalysts. Several results on reduced versions have been published
to date; the best one is an attack on 8 rounds out of the total number
of 12. In this paper we improve this result by two rounds: we provide
an attack on 10 rounds of the cipher with a data complexity of $2^{57.94}$ and a time complexity of $2^{60.62}$, corresponding to 118.56 security bits, instead of 126 for the generic attacks. Our attack uses multiple differentials and exploits some properties of PRINCE for recovering the whole key. PRINCE is defined as a member of a family of ciphers, differing by the choice of an Sbox among a distinguished set. We also show that the security offered by all the members of the family is not equivalent, by identifying an Sbox for which our attack can be extended up to 11 rounds with a data complexity of $2^{59.81}$ and a time complexity of $2^{62.43}$.
Additional news items may be found on the IACR news page.