Academic: Impossible Differentials in Twofish

Impossible Differentials in Twofish

N. Ferguson

Twofish Technical Report #5, October 5, 1999.

ABSTRACT: We show how an impossible-differential attack, first applied to DEAL by Knudsen, can be applied to Twofish. This attack breaks six rounds of the 256-bit key version using 2²⁵⁶ steps; it cannot be extended to seven or more Twofish rounds.

[full text – PDF (Acrobat)] [full text – Postscript]

Categories: Twofish

← Cryptanalysis of Microsoft's PPTP Authentication Extensions (MS-CHAPv2) A Plea for Simplicity →

Sidebar photo of Bruce Schneier by Joe MacInnis.