New Attacks on IDEA with at Least 6 Rounds

Eli Biham, Orr Dunkelman, Nathan Keller, Adi Shamir

Research output: Contribution to journalArticlepeer-review


IDEA is a 64-bit block cipher with 128-bit keys which was introduced by Lai and Massey in 1991. The best previously published attack on IDEA could only handle 6 of its 8.5-rounds. In this paper, we combine a highly optimized meet-in-the-middle attack with a keyless version of the Biryukov–Demirci relation to obtain a greatly improved attack on 6-round IDEA which requires only two known plaintexts, and the first key recovery attacks on versions of IDEA with 6.5 to 8.5 rounds.

Original languageEnglish
Pages (from-to)209-239
Number of pages31
JournalJournal of Cryptology
Issue number2
StatePublished - Apr 2015

Bibliographical note

Funding Information:
O. Dunkelman was supported in part by the German–Israeli Foundation for Scientific Research and Development through grant No. 2282-2222.6/2011.

Publisher Copyright:
© 2013, International Association for Cryptologic Research.


  • Biryukov–Demirci relation
  • Cryptanalysis
  • IDEA
  • Zero-in-the-Middle attack

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Applied Mathematics


Dive into the research topics of 'New Attacks on IDEA with at Least 6 Rounds'. Together they form a unique fingerprint.

Cite this