Another look at complementation properties

Charles Bouillaguet, Orr Dunkelman, Gaëtan Leurent, Pierre Alain Fouque

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


In this paper we present a collection of attacks based on generalisations of the complementation property of DES. We find symmetry relations in the key schedule and in the actual rounds, and we use these symmetries to build distinguishers for any number of rounds when the relation is deterministic. This can be seen as a generalisation of the complementation property of DES or of slide/related-key attacks, using different kinds of relations. We further explore these properties, and show that if the relations have easily found fixed points, a new kind of attacks can be applied. Our main result is a self-similarity property on the SHA-3 candidate Lesamnta, which gives a very surprising result on its compression function. Despite the use of round constants which were designed to thwart any such attack, we show a distinguisher on the full compression function which needs only one query, and works for any number of rounds. We also show how to use this self-similarity property to find collisions on the full compression function of Lesamnta much faster than generic attacks. The main reason for this is the structure found in these round constants, which introduce an interesting and unexpected symmetry relation. This casts some doubt on the use of highly structured constants, as it is the case in many designs, including the AES and several SHA-3 candidates. Our second main contribution is a new related-key differential attack on round-reduced versions of the XTEA block-cipher. We exploit the weakness of the key-schedule to suggest an iterative related-key differential. It can be used to recover the secret key faster than exhaustive search using two related keys on 37 rounds. We then isolate a big class of weak keys for which we can attack 51 rounds out of the cipher's 64 rounds. We also apply our techniques to ESSENCE and PURE.

Original languageEnglish
Title of host publicationFast Software Encryption - 17th International Workshop, FSE 2010, Revised Selected Papers
Number of pages18
StatePublished - 2010
Externally publishedYes
Event17th International Workshop on Fast Software Encryption, FSE 2010 - Seoul, Korea, Republic of
Duration: 7 Feb 201010 Feb 2010

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume6147 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference17th International Workshop on Fast Software Encryption, FSE 2010
Country/TerritoryKorea, Republic of

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)


Dive into the research topics of 'Another look at complementation properties'. Together they form a unique fingerprint.

Cite this