Differential, Linear, and Meet-in-the-Middle Attacks on the Lightweight Block Cipher RBFK

Randomized butterfly architecture of fast Fourier transform for key cipher (RBFK) is the lightweight block cipher for Internet of things devices in an edge computing environment. Although the authors claimed that RBFK is secure against differential cryptanalysis, linear cryptanalysis, impossible differential attack, and zero correlation linear cryptanalysis, the details were not explained in the literature. Therefore, we have evaluated the security of RBFK by application of differential cryptanalysis, linear cryptanalysis, and meet-in-the-middle (MITM) attack and have found that RBFK is not secure against these attacks. This paper introduces not only a distinguish attack but also key recovery attacks on full-round RBFK. In the distinguish attack scenario, data for differential cryptanalysis are two, and the time complexity is one for an exclusive-OR operation. In the key recovery attack scenario, the data for linear cryptanalysis are one pair of known plaintext–ciphertext. The time complexity is one operation for a linear sum. Data for an MITM attack are two. The time complexity is 248 encryptions; the memory complexity is 245 bytes. Because the vulnerabilities are identified in the round function and the key scheduling part, we propose some improvements for RBFK against these attacks.