抄録
Piccolo is a lightweight block cipher proposed by Sony Corporation in 2011. The designers showed two key modes, Piccolo-80 and Piccolo-128, which use an 80-bit secret key and a 128-bit one, respectively. Isobe and Shibutani estimated the security of Piccolo-80, and they showed that 14-round (reduced) Piccolo-80 w/o whitening keys is vulnerable against the Meet-in-the-Middle attack. The time complexity of their attack is about 273, but unfortunately it requires 264 texts, namely, the full code book. In this paper, we propose a new impossible differential attack against 14-round Piccolo-80 w/o whitening keys, and it can recover the secret key without relying on the full code book. The time complexity is 268 and it uses 262.2 distinct know plaintexts.
