Weak-Key Classes of 7-Round MISTY 1 and 2 for Related-Key Amplified Boomerang Attacks

Eunjin LEE  Jongsung KIM  Deukjo HONG  Changhoon LEE  Jaechul SUNG  Seokhie HONG  Jongin LIM  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E91-A   No.2   pp.642-649
Publication Date: 2008/02/01
Online ISSN: 1745-1337
DOI: 10.1093/ietfec/e91-a.2.642
Print ISSN: 0916-8508
Type of Manuscript: PAPER
Category: Cryptography and Information Security
MISTY 1,  MISTY 2,  weak-key classes,  related-key amplified boomerang attack,  block ciphers,  

Full Text: PDF(722.7KB)>>
Buy this Article

In 1997, M. Matsui proposed secret-key cryptosystems called MISTY 1 and MISTY 2, which are 8- and 12-round block ciphers with a 64-bit block, and a 128-bit key. They are designed based on the principle of provable security against differential and linear cryptanalysis. In this paper we present large collections of weak-key classes encompassing 273 and 270 weak keys for 7-round MISTY 1 and 2 for which they are vulnerable to a related-key amplified boomerang attack. Under our weak-key assumptions, the related-key amplified boomerang attack can be applied to 7-round MISTY 1 and 2 with 254, 256 chosen plaintexts and 255.3 7-round MISTY 1 encryptions, 265 7-round MISTY 2 encryptions, respectively.