Differential and linear cryptanalysis of a reduced-round SC2000

Hitoshi Yanami, Takeshi Shimoyama, Orr Dunkelman

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


We analyze the security of the SC2000 block cipher against both differential and linear attacks. SC2000 is a six-and-a-half-round block cipher, which has a unique structure that includes both the Feistel and Substitution-Permutation Network (SPN) structures. Taking the structure of SC2000 into account, we investigate one- and two-round iterative differential and linear characteristics. We present two-round iterative differential characteristics with probability 2-58 and two-round iterative linear characteristics with probability 2-56. These characteristics, which we obtained through a search, allowed us to attack four-and-a-half-round SC2000 in the 128-bit user-key case. Our differential attack needs 2103 pairs of chosen plaintexts and 220 memory accesses and ourlinearattac k needs 2115.17 known plaintexts and 242.32 memory accesses, or 2104.32 known plaintexts and 283.32 memory accesses.

Original languageEnglish
Title of host publicationFast Software Encryption - 9th International Workshop, FSE 2002, Revised Papers
EditorsJoan Daemen, Vincent Rijmen
PublisherSpringer Verlag
Number of pages15
ISBN (Print)9783540440093
StatePublished - 2002
Externally publishedYes
Event9th International Workshop on Fast Software Encryption, FSE 2002 - Leuven, Belgium
Duration: 4 Feb 20026 Feb 2002

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference9th International Workshop on Fast Software Encryption, FSE 2002

Bibliographical note

Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 2002.


  • Characteristic
  • Differential attack
  • Linear attack
  • Probability
  • SC2000
  • Symmetric block cipher

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Differential and linear cryptanalysis of a reduced-round SC2000'. Together they form a unique fingerprint.

Cite this