Key recovery attacks on reduced-round Joltik-BC in the single-key setting

Abstract

Joltik-BC is a tweakable block cipher used in the CAESAR candidate Joltik. In this paper, we propose meet-in-the-middle attacks on Joltik-BC in the single-key setting. Our attacks are constructed utilizing the freedom of the tweak and differential enumeration technique. As a result, we get an attack on 8-round Joltik-BC-64-64 with a data complexity of 253.5, a memory complexity of 253 and a time complexity of 253.6. We also present an attack on 10-round Joltik-BC-128-64 with a data complexity of 256.1, a memory complexity of 2123.5 and a time complexity of 2126.5. As far as we know, these are the best single-key attacks on Joltik-BC.