An attack on $6$ rounds of Khazad
Matematičeskie voprosy kriptografii, Volume 7 (2016) no. 2, pp. 35-46. This article was harvested from the source Math-Net.Ru.

We suggest new attacks on the $64$-bit block cipher Khazad. These attacks use some structural properties of its round function. As a result, we find $14$ new classes of weak keys for $5$ and $6$ rounds of Khazad. In particular, we show that Khazad has $7$ classes of weak keys for $5$ and $6$ rounds such that the cardinality of each class is $2^{64}$. The time complexity of recovering weak keys is $2^{35}$ $\mathrm{S}$-box lookups for $5$ rounds and $2^{43}$ $\mathrm{S}$-box lookups for $6$ rounds. The corresponding data complexity is $2^{32}$ chosen plaintexts.
D. A. Burov; B. A. Pogorelov. An attack on $6$ rounds of Khazad. Matematičeskie voprosy kriptografii, Volume 7 (2016) no. 2, pp. 35-46. http://geodesic.mathdoc.fr/item/MVK_2016_7_2_a2/
