Impossible Differential Cryptanalysis of Zodiac

Deukjo HONG  Jaechul SUNG  Shiho MORIAI  Sangjin LEE  Jongin LIM  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E85-A   No.1   pp.38-43
Publication Date: 2002/01/01
Online ISSN: 
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Zodiac,  impossible differential cryptanalysis,  

Full Text: PDF(956.9KB)>>
Buy this Article

In this paper, we discuss the impossible differential cryptanalysis for the block cipher Zodiac. The main design principles of Zodiac include simplicity and efficiency. However, the diffusion layer in its round function is too simple to offer enough security. The impossible differential cryptanalysis exploits such weakness in Zodiac. Our attack using a 14-round impossible characteristic derives the 128-bit master key of the full 16-round Zodiac faster than the exhaustive search. The efficiency of the attack compared with exhaustive search increases as the key size increases.