Midori64的相关密钥不可能差分分析*

Midori算法是由Banik等人在AISACRYPT2015上提出的一种具有SPN结构的轻量级的加密算法。Midori的分组长度有64bit和128bit两种，分别为Midori64和Midori128，本文主要研究的Midori64。目前攻击者已经使用了不可能差分分析、中间相遇攻击、相关密钥差分分析等方法对Midori进行了分析，却没有使用相关密钥不可能差分分析进行分析。为了验证Midori算法的安全性，本文使用了相关密钥不可能差分分析了Midori算法，构造了一个Midori算法的9轮区分器，进行了Midori算法的14轮攻击，总共猜测了84bit密钥。

Related-key differential analysis of Midori64*

The Midori algorithm is a lightweight encryption algorithm with a SPN structure proposed by Banik et al. On AISACRYPT 2015. There are two versions of Midori with state sizes of 64-bit and 128-bit respectively, this article mainly study the Midori64. At present, the attacker has used the impossible differential ,Meet-in-the-middle attack and related-key difference analyzed the Midori, but it has not analyzed it by using the related-key impossible differential analysis. In order to verify the security of the Midori algorithm, we use the related-key impossible differential to analyze the Midori algorithm and construct a 9-round distinguisher ,then we mount 14-round related-key impossible differential attack on Midori64, a total of guess the 84bit key.