Title: Yoyo cryptanalysis on Future

Authors: Sandip Kumar Mondal; Mostafizar Rahman; Santanu Sarkar; Avishek Adhikari

Addresses: Department of Pure Mathematics, University of Calcutta, Kolkata, India ' RC Bose Centre for Cryptology and Security, Indian Statistical Institute, Kolkata, India ' Department of Mathematics, Indian Institute of Technology Madras, Chennai, India ' Department of Mathematics, Presidency University, Kolkata, India

Abstract: In ASIACRYPT 2017, Rønjom et al. reported Yoyo tricks on generic rounds of SPNs. Then they applied it to AES and found the most effective way to distinguish AES in several rounds. In FSE 2018, Saha et al. distinguished AES in a known key setting up to 8 rounds. In AFRICACRYPT 2022, Gupta et al. published a block cipher Future, whose design is like AES with some tweaks. In this paper, we analysed Future by Yoyo trick in both secret key settings and known key settings. We show that in the secret key setting, one can distinguish Future upto five and six rounds with data complexity 2^9.83 and 2^58.83 respectively. We also demonstrate that with known key settings, one can distinguish Future with data complexity 2¹⁵ for both six and eight rounds. Our attack is based on an adaptively chosen plaintext/ciphertext attack.

Keywords: distinguisher; Future; Yoyo.

DOI: 10.1504/IJACT.2024.138453

International Journal of Applied Cryptography, 2024 Vol.4 No.3/4, pp.238 - 249

Received: 21 Jan 2023
Accepted: 06 Sep 2023
Published online: 03 May 2024 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article