Linear Cryptanalysis of Block Cipher Xenon

Toshio TOKITA  Mitsuru MATSUI  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E86-A   No.1   pp.13-18
Publication Date: 2003/01/01
Online ISSN: 
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Category: Symmetric Ciphers and Hash Functions
block cipher,  cryptanalysis,  linear cryptanalysis,  ISO,  Xenon,  

Full Text: PDF(254.9KB)
>>Buy this Article

This paper cryptanalyzes 128-bit block cipher Xenon, which was designed by Chang-Hyi Lee and has been recently proposed by Korea to ISO 18033-3, an ongoing activity in ISO/IEC JTC1/SC27/WG2 for standardizing block cipher algorithms. We study security of Xenon against linear cryptanalysis and show highly biased linear approximate paths that hold with probability 1/2 2-11 in the full 16-round Xenon. As a result, we can easily derive four-bit subkey information of Xenon using 223 known plaintexts with approximate success rate 84%. We also demonstrate a distinguishing attack of Xenon in a chosen plaintext scenario, which successfully reduces the number of required plaintext/ciphertext pairs of the attack. All these results were confirmed by computer experiments.