Related-Key Attacks on Reduced-Round Hierocrypt-L1

Bungo TAGA
Kazumaro AOKI

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences, No.1, pp.126-137
Publication Date: 2017/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E100.A.126
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Keywords: cryptanalysis, Hierocrypt-L1, key scheduling differentials with probability 1, related-key attacks, impossible differentials, CRYPTREC

In this paper, we present several cryptanalyses of the Hierocrypt-L1 block cipher, which was selected as one of the CRYPTREC recommended ciphers in Japan in 2003. We present a differential attack and an impossible differential attack on 8 S-function layers in a related-key setting. We first show that there exist key scheduling differential characteristics that always hold; we then use these key differentials to search for differential paths through the data randomizing part with the minimum number of active S-boxes. We also show that our impossible differential attack is of a new type.