Piccolo is a lightweight block cipher proposed by Sony Corporation in 2011. The designers showed two key modes,
Piccolo-80 and
Piccolo-128, which use an 80-bit secret key and a 128-bit one, respectively. Isobe and Shibutani estimated the security of
Piccolo-80, and they showed that 14-round (reduced)
Piccolo-80 w/o whitening keys is vulnerable against the Meet-in-the-Middle attack. The time complexity of their attack is about 2
73, but unfortunately it requires 2
64 texts, namely, the full code book. In this paper, we propose a new impossible differential attack against 14-round
Piccolo-80 w/o whitening keys, and it can recover the secret key without relying on the full code book. The time complexity is 2
68 and it uses 2
62.2 distinct know plaintexts.
抄録全体を表示