@inproceedings{08b3af75b46e42a2a34acdf1d32a798c,
title = "Improving the efficiency of impossible differential cryptanalysis of Reduced Camellia and MISTY1",
abstract = "We observe that when conducting an impossible differential cryptanalysis on Camellia and MISTY1, their round structures allow us to partially determine whether a candidate pair is useful by guessing only a small fraction of the unknown required subkey bits of a relevant round at a time, instead of guessing all of them at once. Taking advantage of the early abort technique, we improve a previous impossible differential attack on 6-round MISTY1 without the FL functions, and present impossible differential cryptanalysis of 11-round Camellia-128 without the FL functions, 13-round Camellia-192 without the FL functions and 14-round Camellia-256 without the FL functions. The presented results are better than any previously published cryptanalytic results on Camellia and MISTY1 without the FL functions.",
author = "J. Lu and J. Kim and N. Keller and O. Dunkelman",
year = "2008",
doi = "10.1007/978-3-540-79263-5_24",
language = "English",
isbn = "978-3-540-79262-8",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "370--386",
editor = "T.G. Malkin",
booktitle = "Topics in Cryptology - CT-RSA 2008 (Proceedings of The Cryptographers' Track at the RSA Conference 2008, San Francisco CA, USA, April 8-11, 2008)",
address = "Germany",
}