Yongzhuang Wei

This paper investigates two new design rules of nonlinear combining functions in stream ciphers. It is shown that a combining function with high nonlinearity and high order correlation immunity is still not enough to prevent the divide and conquer attack and the BAA attack (or the best affine approximation attack) since the autocorrelation function of the
The Camellia block cipher has a 128-bit block length, a user key of 128, 192 or 256 bits long, and a total of 18 rounds for a 128-bit key and 24 rounds for a 192 or 256-bit key. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher and an ISO international standard. In this paper, we describe a flaw in the approach
The AES block cipher has a 128-bit block length and a user key of 128, 192 or 256 bits, released by NIST for data encryption in the USA; it became an ISO international standard in 2005. In 2008, Demirci and Selçuk gave a meet-in-the-middle attack on 7-round AES under 192 key bits. In 2009, Demirci et al. (incorrectly) described a new meet-in-the-middle
The Camellia block cipher has a 128-bit block length and a user key of 128, 192 or 256 bits long, which employs a total of 18 rounds for a 128-bit key and 24 rounds for a 192 or 256-bit key. It is a Japanese CRYPTREC-recommended e-government cipher, a European NESSIE selected cipher, and an ISO international standard. In this paper, we describe a few 5 and
Recently, several construction methods of highly nonlinear Boolean functions with relatively good algebraic properties were proposed. These approaches manage in optimizing most of the relevant cryptographic criteria, but not all of them at the same time. Usually, either the nonlinearity bounds are rather loose (though the actual nonlinearity is relatively
Related-key and chosen IV attacks are well known cryptanalytic tools in cryptanalysis of stream ciphers. Though the related-key model is considered to be a much more unrealistic scenario than the chosen IV model, we show that under certain circumstances the attack assumptions may become equivalent. We show that the key differentiation method induces a generic
In this paper, the correlation properties of a nonlinear combining function over its support or zero set are investigated. Based on this characterization, a new attack on nonlinear combining generators is proposed. Our attack does not utilize traditional (non)linear statistics between the input and the output over the entire variable space, as the