Biclique cryptanalysis of LBlock and TWINE

Karakoc F., Demirci H., Harmanci A. E.

INFORMATION PROCESSING LETTERS, vol.113, no.12, pp.423-429, 2013 (SCI-Expanded) identifier identifier

  • Publication Type: Article / Article
  • Volume: 113 Issue: 12
  • Publication Date: 2013
  • Doi Number: 10.1016/j.ipl.2013.03.011
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus
  • Page Numbers: pp.423-429
  • Istanbul Technical University Affiliated: Yes


LBlock and TWINE are two lightweight block ciphers recently designed for tiny computing devices, such as RFID tags and sensor network nodes. Both of the algorithms have a generalized Feistel structure with a block size of 64 bits. LBlock consists of 32 rounds and supports a key length of 80 bits while TWINE consists of 36 rounds and supports key lengths of 80 and 120 bits. In this paper, we present attacks on different number of rounds of these lightweight block ciphers by using the biclique cryptanalysis technique recently developed for cryptanalysis of the hash functions Skein-512 and SHA-2 and the Advanced Encryption Standard. Applying this technique on full LBlock we have a slight improvement over the brute force attack while the biclique cryptanalysis of full TWINE has already been proposed. (C) 2013 Elsevier B.V. All rights reserved.