Abstract
The SC2000 block cipher has a 128-bit block size and a user key of 128, 192 or 256 bits, which employs a total of 6.5 rounds if a 128-bit user key is used. It is a CRYPTREC recommended e-government cipher in Japan. In this paper we address how to recover the user key from a few subkey bits of SC2000, and describe two 4.75-round differential characteristics with probability 2-126 of SC2000 and seventy-six 4.75-round differential characteristics with probability 2-127. Finally, we present a differential cryptanalysis attack on a 5-round reduced version of SC2000 when used with a 128-bit key; the attack requires 2125:68 chosen plaintexts and has a time complexity of 2125:75 5-round SC2000 encryptions. The attack does not threat the security of the full SC2000 cipher, but it suggests for the first time that the safety margin of SC2000 with a 128-bit key decreases below one and a half rounds.
Similar content being viewed by others
References
Lu J. Differential attack on five rounds of the SC2000 block cipher. In Proc. INSCRYPT 2009, Beijing, China, Dec. 12–15, 2009, pp.50-59.
Shimoyama T, Yanami H, Yokoyama K, Takenaka M, Itoh K, Yajima J, Torii N, Tanaka H. The block cipher SC2000. In Proc. FSE 2001, Yokohama, Japan, Apr. 2–4, 2001, pp.312-327.
Fujitsu Laboratories. http://jp.fujitsu.com/group/labs/en/techinfo/technote/crypto/sc2000.html.
Cryptography research and evaluation committees ― CRYPTREC report 2002.
Biham E, Shamir A. Differential Cryptanalysis of the Data Encryption Standard. Springer-Verlag, 1993.
Raddum H, Knudsen L R. A differential attack on reduced-round SC2000. In Proc. SAC 2001, Ontario, Canada, Aug. 16–17, 2001, pp.190-198.
Biham E, Dunkelman O, Keller N. New results on boomerang and rectangle attacks. In Proc. FSE 2002, Leuven, Belgium, Feb. 4–6, 2002, pp.1-16.
Wagner D. The boomerang attack. In Proc. FSE 1999, Rome, Italy, Mar. 24–26, 1999, pp.156-170.
Kelsey J, Kohno T, Schneier B. Amplified boomerang attacks against reduced-round MARS and Serpent. In Proc. FSE 2000, New York, USA, Apr. 10–12, 2000, pp.75-93.
Biham E, Dunkelman O, Keller N. The rectangle attack ― Rectangling the Serpent. In Proc. EUROCRYPT 2001, Innsbruck, Austria, May 6–10, 2001, pp.340-357.
Dunkelman O, Keller N. Boomerang and rectangle attacks on SC2000. In the 2nd Open NESSIE Workshop, Surrey, UK, Sept. 12–13, 2001.
Yanami H, Shimoyama T, Dunkelman O. Differential and linear cryptanalysis of a reduced-round SC2000. In Proc. FSE 2002, Leuven, Belgium, Feb. 4–6, pp.34-48.
Matsui M. Linear cryptanalysis method for DES cipher. In Proc. EUROCRYPT 1993, Lofthus, Norway, May 23–27, 1993, pp.386-397.
Biham E, Shamir A. Differential cryptanalysis of DES-like cryptosystems. In Proc. CRYPTO 1990, Santa Barbara, USA, Aug. 11–15, 1990, pp.2-21.
Data encryption standard (DES), FIPS-46. National Institute of Standards and Technology (NIST), 1977.
Murphy S. The cryptanalysis of FEAL-4 with 20 chosen plain-texts. Journal of Cryptology, 1990, 2(3): 145–154.
Shimizu A, Miyaguchi S. Fast data encipherment algorithm FEAL. In Proc. EUROCRYPT 1987, Amsterdam, The Netherlands, Apr. 13–15, 1987, pp.267-278.
Lai X, Massey J L, Murphy S. Markov ciphers and differential cryptanalysis. In Proc. EUROCRYPT 1991, Brighton, UK, Apr. 8–11, pp.17-38.
Handschuh H, Naccache D. SHACAL. In the First Open NESSIE Workshop, Leuven, Belgium, Nov. 13–14, 2000.
Selçuk A A. On probability of success in linear and differential cryptanalysis. Journal of Cryptology, 2008, 21(1): 131–147.
Advanced encryption standard (AES), FIPS-197. National Institute of Standards and Technology (NIST), 2001.
Author information
Authors and Affiliations
Corresponding author
Additional information
This work as well as the author was supported by the French ANR Project SAPHIR II.
*A preliminary version appeared in post-proceedings of INSCRYPT 2009[1].
Electronic Supplementary Material
Below is the link to the electronic supplementary material.
Rights and permissions
About this article
Cite this article
Lv, JQ. Differential Attack on Five Rounds of the SC2000 Block Cipher* . J. Comput. Sci. Technol. 26, 722–731 (2011). https://doi.org/10.1007/s11390-011-1171-2
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11390-011-1171-2