Improved meet-in-the-middle attacks on reduced-round tweakable block ciphers Kiasu-BC and Deoxys-BC

Tweakable block ciphers Kiasu-BC and Deoxys-BC are both the internal block ciphers of the candidates for the CAESAR authenticated encryption competition. The cryptanalysis of Kiasu-BC and Deoxys-BC is helpful to promote the cryptanalysis process of tweakable block ciphers. At present, under the condition of related-tweak single-key model, the results of the meet-in-the-middle attacks on Kiasu-BC and Deoxys-BC are the best attacks among all the traditional cryptanalysis methods. Hence, in this paper, we improve the results of the meet-in-the-middle attacks on Kiasu-BC and Deoxys-BC with the help of automatic search model proposed by Shi et al. We study the properties of MixCloumn operation to compute several linear equations. Combining the linear equations with the differential cancellation technique and the differential enumeration technique, as results, we construct the first 6-round meet-in-the-middle distinguisher for Kiasu-BC, the first 7-round meet-in-the-middle distinguisher for Deoxys-BC-256 and the first 8-round meet-in-the-middle distinguisher for Deoxys-BC-384. Based on the new distinguishers, we present favorable results of the 8-round meet-in-the-middle attack on Kiasu-BC, 9-round meet-in-themiddle attack on Deoxys-BC-256 and 11-round meet-in-the-middle attack on Deoxys-BC-384. The favorable results of the attacks improve the time complexities of the current meet-in-the-middle attacks on Kiasu-BC and Deoxys-BC. (c) 2023 The Author(s). Published by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).