Yongzhuang Wei

The AES block cipher has a 128-bit block length and a user key of 128, 192 or 256 bits, released by NIST for data encryption in the USA; it became an ISO international standard in 2005. In 2008, Demirci and Selçuk gave a meet-in-the-middle attack on 7-round AES under 192 key bits. In 2009, Demirci et al. (incorrectly) described a new meet-in-the-middle…
The Camellia block cipher has a 128-bit block length and a user key 128, 192 or 256 bits long, and employs a total of 18 rounds for a 128-bit key and 24 rounds for a 192 or 256-bit key. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher, and an ISO international standard. In this paper, we describe a few 5 and…
This paper investigates two new design rules of nonlinear combining functions in stream ciphers. It is shown that a combining function with high nonlinearity and high order correlation immunity is still not enough to prevent the divide and conquer attack and the BAA attack (or the best affine approximation attack) since the autocorrelation function of the…
The Camellia block cipher has a 128-bit block length, a user key 128, 192 or 256 bits long, and a total of 18 rounds for a 128-bit key and 24 rounds for a 192 or 256-bit key. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher and an ISO international standard. In this paper, we describe a flaw in the approach…
Recently, several construction methods of highly nonlinear Boolean functions with relatively good algebraic properties were proposed. These approaches manage to optimize most of the relevant cryptographic criteria, but not all of them at the same time. Usually, either the nonlinearity bounds are rather loose (though the actual nonlinearity is relatively…
The problem of constructing bent-negabent functions that do not belong to the completed Maiorana-McFarland class emerges implicitly through a series of construction methods proposed recently. These approaches manage to optimize the algebraic degree of bent-negabent functions, but all of the constructed bent-negabent functions belong to the completed…
Related-key and chosen IV attacks are well known cryptanalytic tools in cryptanalysis of stream ciphers. Though the related-key model is considered to be a much more unrealistic scenario than the chosen IV model, we show that under certain circumstances the attack assumptions may become equivalent. We show that the key differentiation method induces a generic…