Paper 2010/073

Related-Key Boomerang Attack on Block Cipher SQUARE

Bonwook Koo, Yongjin Yeom, and Junghwan Song

Abstract

Square is an 8-round SPN block cipher whose round function and key schedule were slightly modified to design the building blocks of Rijndael. The key schedule of Square is simple and efficient but fully affine, so we apply a related-key attack to it. We find a 3-round related-key differential trail with probability 2^28 which has zero differences on both its input and output states; such a trail is called a local collision in [5]. By extending this related-key differential, we construct a 7-round related-key boomerang distinguisher and a successful attack on full-round Square. The best previously known attack on Square is the square attack on a 6-round reduced variant of Square. In this paper, we present a key recovery attack on the full round of Square using a related-key boomerang distinguisher. We construct a 7-round related-key boomerang distinguisher with probability 2^119 by finding a local collision, and calculate its probability using the ladder switch and local amplification techniques. As a result, one round is added on top of the distinguisher to construct a full-round attack on Square which recovers 16-bit key information with 2^36 encryptions and 2^123 data.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
block cipher, related-key boomerang attack, SQUARE
Contact author(s)
kidkoo @ gmail com
History
2010-02-11: received
Short URL
https://ia.cr/2010/073
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/073,
      author = {Bonwook Koo and Yongjin Yeom and Junghwan Song},
      title = {Related-Key Boomerang Attack on Block Cipher SQUARE},
      howpublished = {Cryptology ePrint Archive, Paper 2010/073},
      year = {2010},
      note = {\url{https://eprint.iacr.org/2010/073}},
      url = {https://eprint.iacr.org/2010/073}
}