Low-Data Complexity Attacks on Camellia

  • Takeru KoieEmail author
  • Takanori Isobe
  • Yosuke Todo
  • Masakatu Morii
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 719)


In this paper, we propose low-data complexity attacks on reduced-round Camellia. Our attacks are based on deterministic truncated differential characteristics exploiting properties of binaries matrices and differential properties of S-boxes of Camellia. Combining these with the structure of Camellia, we obtain low data complexity attacks on 4 to 7 rounds of Camellia. Surprisingly, 4 to 6 rounds attacks are feasible with only two chosen plaintexts and the attacks complexity becomes very practical by increasing a small amount of data.


Block cipher Camellia Truncated differential cryptanalysis 


  1. 1.
    Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Camellia: a 128-bit block cipher suitable for multiple platforms—design and analysis. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 39–56. Springer, Heidelberg (2001). doi: 10.1007/3-540-44983-3_4 CrossRefGoogle Scholar
  2. 2.
    Bogdanov, A., Geng, H., Wang, M., Wen, L., Collard, B.: Zero-correlation linear cryptanalysis with FFT and improved attacks on ISO standards camellia and CLEFIA. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 306–323. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-43414-7_16 CrossRefGoogle Scholar
  3. 3.
    Bogdanov, A., Khovratovich, D., Rechberger, C.: Biclique cryptanalysis of the full AES. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 344–371. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-25385-0_19 CrossRefGoogle Scholar
  4. 4.
    Bouillaguet, C., Derbez, P., Dunkelman, O., Fouque, P.A., Keller, N., Rijmen, V.: Low-data complexity attacks on AES. IEEE Trans. Inf. Theory 58(11), 7002–7017 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  5. 5.
    Boura, C., Naya-Plasencia, M., Suder, V.: Scrutinizing and improving impossible differential attacks: applications to CLEFIA, Camellia, LBlock and Simon. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 179–199. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-45611-8_10 Google Scholar
  6. 6.
    Chen, J., Li, L.: Low data complexity attack on reduced Camellia-256. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 101–114. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-31448-3_8 CrossRefGoogle Scholar
  7. 7.
    CRYPTREC: Cryptrec ciphers list (2013)Google Scholar
  8. 8.
    Grassi, L., Rechberger, C., Rønjom, S.: Subspace Trail Cryptanalysis and its Applications to AES. IACR Trans. Symmetric Cryptol. 2016(2) (2016)Google Scholar
  9. 9.
    ISO/IEC 18033–3: Information technology - security techniques - encryption algorithms - part 3: Block ciphers (2005)Google Scholar
  10. 10.
    Li, L., Jia, K., Wang, X., Dong, X.: Meet-in-the-middle technique for truncated differential and its applications to CLEFIA and Camellia. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 48–70. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-48116-5_3 CrossRefGoogle Scholar
  11. 11.
    Tiessen, T.: Polytopic cryptanalysis. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 214–239. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49890-3_9 CrossRefGoogle Scholar
  12. 12.
    Wu, W., Feng, D.: Collision attack on reduced-round Camellia. Sci. China Ser. F Inf. Sci. 48(1), 78–90 (2005)MathSciNetCrossRefzbMATHGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2017

Authors and Affiliations

  • Takeru Koie
    • 1
    Email author
  • Takanori Isobe
    • 2
  • Yosuke Todo
    • 3
  • Masakatu Morii
    • 1
  1. 1.Graduate School of EngineeringKobe UniversityHyogoJapan
  2. 2.University of HyogoHyogoJapan
  3. 3.NTT Secure Platform LaboratoriesTokyoJapan

Personalised recommendations