An improved truncated differential cryptanalysis of KLEIN
Abstract
80 or 96-bit key size which introduce its version. It uses 16 same 4-bit
S-boxes combined with two AES's MixColumn transformations for each
round. This approach allows compact implementations of KLEIN in both
low-end software and hardware. Such an innovative combination attracts
the attention of cryptanalysts, and several security analyses have been
published. The most successful one was represented in FSE 2014 which
was a truncated differential attack. They could attack up to 12, 13 and
14 rounds out of total number of 12, 16 and 20 rounds for KLEIN-64,
-80 and -96, respectively. In this paper, by finding two new truncated
differential paths with better probabilities and a slight changing in key
recovery method we present two truncated differential attacks on KLEIN,
which recover the full secret key with better time and data complexities
for the previously analyzed number of rounds. Also by using these truncated dierential paths we are able to attack up to 14 and 15 rounds
for KLEIN-80 and -96, respectively, which are the highest rounds ever
analyzed.
Full Text:
PDFDOI: https://doi.org/10.2478/tatra.v67i0.444