›› 2011, Vol. 26 ›› Issue (4): 722-731.doi: 10.1007/s11390-011-1171-2

• Information Security • Previous Articles     Next Articles

Differential Attack on Five Rounds of the SC2000 Block Cipher

Ji-Qiang Lv (吕继强)   

  1. Department of Computer Science, Ecole Normale Superieure, 45 Rue d'Ulm, Paris 75005, France
  • Received:2010-11-25 Revised:2011-05-03 Online:2011-07-05 Published:2011-07-05
  • Supported by:

    This work as well as the author was supported by the French ANR Project SAPHIR II.

The SC2000 block cipher has a 128-bit block size and a user key of 128, 192 or 256 bits, which employs a total of 6.5 rounds if a 128-bit user key is used. It is a CRYPTREC recommended e-government cipher in Japan. In this paper we address how to recover the user key from a few subkey bits of SC2000, and describe two 4.75-round differential characteristics with probability 2-126 of SC2000 and seventy-six 4.75-round differential characteristics with probability 2-127. Finally, we present a differential cryptanalysis attack on a 5-round reduced version of SC2000 when used with a 128-bit key; the attack requires 2125.68 chosen plaintexts and has a time complexity of 2125.75 5-round SC2000 encryptions. The attack does not threat the security of the full SC2000 cipher, but it suggests for the first time that the safety margin of SC2000 with a 128-bit key decreases below one and a half rounds.

[1] Lu J. Differential attack on five rounds of the SC2000 blockcipher. In Proc. INSCRYPT 2009, Beijing, China, Dec.12-15, 2009,pp.50-59.

[2] Shimoyama T, Yanami H, Yokoyama K, Takenaka M, Itoh K, YajimaJ, Torii N, Tanaka H. The block cipher SC2000. In Proc.FSE 2001, Yokohama, Japan, Apr.2-4, 2001, pp.312-327.

[3] Fujitsu Laboratories.http://jp.fujitsu.com/group/labs/en/te-chinfo/te-chnote/crypto/sc2000.html.

[4] Cryptography research and evaluation committees --- CRYPTRECreport 2002. %http://www.ipa.go.jp/security/enc/CR-YPTREC/index-e.html.

[5] Biham E, Shamir A. Differential Cryptanalysis of the DataEncryption Standard. Springer-Verlag, 1993.

[6] Raddum H, Knudsen L R. A differential attack on reduced-roundSC2000. In Proc. SAC 2001, Ontario, Canada, Aug.16-17, 2001,pp.190-198.

[7] Biham E, Dunkelman O, Keller N. New results on boomerang andrectangle attacks. In Proc. FSE 2002, Leuven, Belgium, Feb.4-6, 2002,pp.1-16.

[8] Wagner D. The boomerang attack. In Proc. FSE 1999, Rome, Italy,Mar.24-26, 1999, pp.156-170.

[9] Kelsey J, Kohno T, Schneier B. Amplified boomerang attacks againstreduced-round MARS and Serpent. In Proc. FSE 2000, New York, USA, Apr.10-12,2000, pp.75-93.

[10] Biham E, Dunkelman O, Keller N. The rectangle attack ---Rectangling the Serpent. In Proc. EUROCRYPT 2001, Innsbruck, Austria,May 6-10, 2001, pp.340-357.

[11] Dunkelman O, Keller N. Boomerang and rectangle attacks onSC2000. In the 2nd Open NESSIE Workshop, Surrey, UK, Sept.12-13, 2001.

[12] Yanami H, Shimoyama T, Dunkelman O. Differential and linearcryptanalysis of a reduced-round SC2000. In Proc. FSE 2002, Leuven,Belgium, Feb.4-6, pp.34-48.

[13] Matsui M. Linear cryptanalysis method for DES cipher. In Proc. EUROCRYPT 1993, Lofthus, Norway, May 23-27, 1993, pp.386-397.

[14] Biham E, Shamir A. Differential cryptanalysis of DES-likecryptosystems. In Proc. CRYPTO 1990, Santa Barbara, USA, Aug.11-15,1990, pp.2-21.

[15] Data encryption standard (DES), FIPS-46. National Institute of Standardsand Technology (NIST), 1977.

[16] Murphy S. The cryptanalysis of FEAL-4 with 20 chosenplaintexts. Journal of Cryptology, 1990, 2(3): 145-154.

[17] Shimizu A, Miyaguchi S. Fast data encipherment algorithm FEAL.In Proc. EUROCRYPT 1987, Amsterdam, The Netherlands, Apr.13-15, 1987,pp.267-278.

[18] Lai X, Massey J L, Murphy S. Markov ciphers and differentialcryptanalysis. In Proc. EUROCRYPT 1991, Brighton, UK, Apr.8-11, pp.17-38.

[19] Handschuh H, Naccache D. SHACAL. In the First Open NESSIEWorkshop, Leuven, Belgium, Nov.13-14, 2000.

[20] Selc{cuk A A. On probability of success in linear anddifferential cryptanalysis. Journal of Cryptology, 2008, 21(1): 131-147.

[21] Advanced encryption standard (AES), FIPS-197. National Instituteof Standards and Technology (NIST), 2001.
No related articles found!
Full text



No Suggested Reading articles found!

ISSN 1000-9000(Print)

CN 11-2296/TP

Editorial Board
Author Guidelines
Journal of Computer Science and Technology
Institute of Computing Technology, Chinese Academy of Sciences
P.O. Box 2704, Beijing 100190 P.R. China
E-mail: jcst@ict.ac.cn
  Copyright ©2015 JCST, All Rights Reserved