Presentation | 2000/7/18 Differential Attack on CAST-256 Haruki SEKI, Toshinobu KANEKO |
---|---|
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | CAST-256, a block cipher based on CAST-128, was a candidate algorithm in AES Round 1. In this paper we present a differential attack on CAST-256 reduced to 9 quad-rounds. One of the three round functions of CAST-256 has differential characteristics in which a non-zero input XOR results in a zero output XOR with high probability. We also show that CAST-256 has weak keys with respect to the differential attack. Thus CAST-256 reduced to 9 quad-rounds can be attacked using $2^{123}$ chosen plaintexts in the case of differentially weak keys. The time complexity is about $2^{100}$ encryptions. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Block cipher / CAST-256 / differential attack / AES |
Paper # | ISEC2000-35 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2000/7/18 (1 day) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Differential Attack on CAST-256 |
Sub Title (in English) | |
Keyword(1) | Block cipher |
Keyword(2) | CAST-256 |
Keyword(3) | differential attack |
Keyword(4) | AES |
1st Author's Name | Haruki SEKI |
1st Author's Affiliation | Telecommunications Advancement Organization of Japan |
2nd Author's Name | Toshinobu KANEKO |
2nd Author's Affiliation | Department of Electrical Engineering, Science University of TOKYO |
Date | 2000/7/18 |
Paper # | ISEC2000-35 |
Volume (vol) | vol.100 |
Number (no) | 213 |
Page | pp.pp.- |
#Pages | 8 |
Date of Issue |