Weak-key classes of 7-round MISTY 1 and 2 for related-key amplified boomerang attacks

Eunjin Lee, Jongsung Kim, Deukjo Hong, Changhoon Lee, Jaechul Sung, Seokhie Hong, Jongin Lim

Research output: Contribution to journalArticlepeer-review

15 Scopus citations


In 1997, M. Matsui proposed secret-key cryptosystems called MISTY 1 and MISTY 2, which are 8-and 12-round block ciphers with a 64-bit block, and a 128-bit key. They are designed based on the principle of provable security against differential and linear cryptanalysis. In this paper we present large collections of weak-key classes encompassing 273 and 270 weak keys for 7-round MISTY 1 and 2 for which they are vulnerable to a related-key amplified boomerang attack. Under our weak-key assumptions, the related-key amplified boomerang attack can be applied to 7-round MISTY 1 and 2 with 254, 256 chosen plaintexts and 255.3 7-round MISTY 1 encryptions, 265 7-round MISTY 2 encryptions, respectively.

Original languageEnglish
Pages (from-to)642-649
Number of pages8
JournalIEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Issue number2
StatePublished - 2008


  • Block ciphers
  • MISTY 1
  • MISTY 2
  • Related-key amplified boomerang attack
  • Weak-key classes


Dive into the research topics of 'Weak-key classes of 7-round MISTY 1 and 2 for related-key amplified boomerang attacks'. Together they form a unique fingerprint.

Cite this