Abstract
This paper analyzes the subspace trail of Midori-64 and uses the propagation law and mutual relationship of the subspaces of Midori-64 to provide a 6-round Midori-64 subspace trail-based impossible differential key recovery attack. The data complexity of the attack is 2 54.6 chosen plaintexts, and the computational complexity is 2 58.2 lookup operations. Its overall complexity is less than that of the known 6-round truncated impossible differential distinguisher. This distinguisher is also applicable to Midori-128 with a secret S -box. Additionally, utilizing the properties of subspaces, we prove that a subspace trail-based impossible differential distinguisher of Midori-64 contains at most 7 rounds. This is 1 more than the upper bound of Midori-64’s truncated impossible differential distinguisher which is 6. According to the Hamming weights of the starting and ending subspaces, we classify all 7-round Midori-64 subspace trail-based impossible differential distinguishers into two types and they need 2 59.6 and 2 51.4 chosen plaintexts, respectively.
Highlights
With the development of the Internet of ings, the security issues of the Internet of ings are becoming serious
Subspace trail analysis has been mainly used in attacks on substitution-permutation network (SPN)-structured cryptographic algorithms such as the Advanced Security Standard (AES) [21]; this method is used to construct distinguishers or perform key recovery without possessing the information related to the S-box and the key
We focus on Midori-64 with a secret bijective S-box and use the subspace trail to derive a general method for recovering all keys without any information or an equivalent representation of the S-box
Summary
With the development of the Internet of ings, the security issues of the Internet of ings are becoming serious. Since most of the encryption devices on the Internet of ings have small storage space and weak computing power, the traditional cryptographic algorithms are not suitable for protecting information security on the Internet of ings. In 2017, Lin et al used the meet-in-the-middle method [14] to construct 5round and 6-round distinguishers [14] and provided security analysis results for the Midori-64 algorithm with 10 to 12 rounds [15], among which the 12-round Midori-64 key recovery attack required 255 chosen plaintexts, 2106 of storage, and 2125.5 calculations. Us, we classify all 7round space trail-based impossible differential distinguishers of Midori-64.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
