Analysis of Two Attacks on Reduced-Round Versions of the SMS4

Toz D., Dunkelman O.

10th International Conference on Information and Communications Security, Birmingham, İngiltere, 20 - 22 Ekim 2008, cilt.5308, ss.141-143 identifier identifier

  • Cilt numarası: 5308
  • Doi Numarası: 10.1007/978-3-540-88625-9-10
  • Basıldığı Şehir: Birmingham
  • Basıldığı Ülke: İngiltere
  • Sayfa Sayıları: ss.141-143


SMS4 is a 128-bit block cipher used in WAPI (the Chinese national standard for wireless networks). Up until recently, the best attacks on SMS4 known, in terms of the number of rounds, were the rectangle attack on 14 rounds and the impossible differential attack on 16 rounds (out of 32 rounds) presented by Lu. While analyzing them, we noticed that these attacks have flaws and that their complexity analysis is inaccurate. In this paper we make a more comprehensive analysis of these attacks and further improve these results.