Related-Key Cryptanalysis of Midori

Abstract : Midori64 and Midori128 [2] are lightweight block ciphers, which respectively cipher 64-bit and 128-bit blocks. While several attack models are discussed by the authors of Midori, the authors made no claims concerning the security of Midori against related-key differential attacks. In this attack model, the attacker uses related-key differential characteristics, i.e., tuples (δP , δK , δC) such that a difference (generally computed as a XOR) of δP in the plaintext coupled with a difference δK in the key yields a difference δC after r rounds with a good probability. In this paper, we propose a constraint programming model to automate the search for optimal (in terms of probability) related-key differential characteristics on Midori. Using it, we build related-key distinguishers on the full-round Midori64 and Midori128, and mount key recovery attacks on both versions of the cipher with practical time complexity, respectively 2 35.8 and 2 43.7 .
Document type :
Conference papers
Complete list of metadatas

Cited literature [19 references]  Display  Hide  Download
Contributor : David Gerault <>
Submitted on : Friday, September 15, 2017 - 7:01:31 PM
Last modification on : Thursday, January 11, 2018 - 6:16:31 AM
Long-term archiving on : Saturday, December 16, 2017 - 2:29:40 PM


Files produced by the author(s)


  • HAL Id : hal-01588566, version 1


David Gerault, Pascal Lafourcade. Related-Key Cryptanalysis of Midori. International Conference on Cryptology in India, Dec 2016, Kolkata, India. ⟨hal-01588566⟩



Record views


Files downloads