Crypton is a 128-bit block cipher which was submitted to the Advanced Encryption Standard competition. In this paper, we present two new impossible differential attacks to reduced-round Crypton. Using two new observations on the diffusion layer of Crypton, exploiting a 4-round impossible differential, and appropriately choosing three additional rounds, we mount the first impossible differential attack on 7-round Crypton. The proposed attacks require 2(121) chosen plaintexts each. The first attack requires 2(125.2) encryptions. We then utilize more pre-computation and memory to reduce the time complexity to 2(116.2) encryptions in the second attack.

• 出版日期2010-6