An Analysis of FOX
This paper presents new cryptanalytic results on reduced-round versions of the FOX block cipher, also known as IDEA-NXT. We can recover all subkeys of 2-round variants of FOX, and derive internal cipher data from r-round FOX, for any r > 2. This information leakage phenomenon is based only on the high-level Lai-Massey scheme, and was already observed in Feistel ciphers such as DES, but is absent even in IDEA, whose design inspired the FOX ciphers. Moreover, this paper presents the first impossible-differential analysis of reduced-round FOX, and new results on 4-round and 5-round FOX.
Biham, E., Biryukov, A., and Shamir, A. (1999). Miss-in-the-Middle Attacks on IDEA, Khufu and Khafre. In Knudsen, L., editor, 6th Fast Software Encryption Workshop, LNCS 1636, pages 124–138. Springer-Verlag.
Davies, D. and Murphy, S. (1995). Pairs and Triplets of DES S-Boxes. Journal of Cryptology, 8(1):1–25.
Junod, P. and Vaudenay, S. (2004). FOX: a new family of block ciphers. In 11th Selected Areas in Cryptography (SAC) Workshop, LNCS 3357, pages 114–129. Springer-Verlag.
Lai, X. (1995). On the Design and Security of Block Ciphers, volume 1 of ETH Series in Information Processing. Hartung-Gorre Verlag, Konstanz. J.L. Massey.
Lai, X., Massey, J., and Murphy, S. (1991). Markov Ciphers and Differential Cryptanalysis. In Davies, D., editor, Advances in Cryptology, Eurocrypt’91, LNCS 547, pages 17–38. Springer-Verlag.
NBS (1977). Data Encryption Standard (DES). FIPS PUB 46, Federal Information Processing Standards Publication 46, U.S. Department of Commerce.
Rijmen, V., Preneel, B., and Win, E. D. (1997). On weaknesses of non-surjective round functions. Design, Codes and Cryptography, 12(3):253–266.
Wenling, W., Wentao, Z., and Dengguo, F. (2005). Improved integral cryptanalysis of FOX block cipher.
WEWoRC (2005). Western European Workshop on Research in Cryptology.