Pseudorandomness of Basic Structures in the Block Cipher KASUMI

  • Kang, Ju-Sung (Information Security Technology Division, ETRI) ;
  • Preneel, Bart (Electrical Engineering Department, Kathorieke Universitat) ;
  • Ryu, Heui-Su (Information Security Technology Division, ETRI) ;
  • Chung, Kyo-Il (Information Security Technology Division, ETRI) ;
  • Park, Chee-Hang (Information Security Technology Division, ETRI)
  • Received : 2002.03.22
  • Published : 2003.04.30


The notion of pseudorandomness is the theoretical foundation on which to consider the soundness of a basic structure used in some block ciphers. We examine the pseudorandomness of the block cipher KASUMI, which will be used in the next-generation cellular phones. First, we prove that the four-round unbalanced MISTY-type transformation is pseudorandom in order to illustrate the pseudorandomness of the inside round function FI of KASUMI under an adaptive distinguisher model. Second, we show that the three-round KASUMI-like structure is not pseudorandom but the four-round KASUMI-like structure is pseudorandom under a non-adaptive distinguisher model.



  1. SIAM J. Comput. v.17 How to Construct Pseudorandom Permutations and Pseudorandom Functions Luby, M.;Rackoff, C.
  2. Advances in Cryptology-Eurocrypt'92, LNCS 658 How to Construct Pseudorandom and Super Pseudorandom Permutations from one Single Pseudorandom Function Patarin, J.
  3. J. Cryptology v.12 On the Construction of Pseurandom Permutations: Luby-Rackoff Revisited Naor, M.;Reingold, O.
  4. Fast Software Encryption, LNCS 1039 New Permutation of Block Ciphers with Provable Security against Differential and Linear Cryptanalysis Matsui, M.
  5. Fast Software Encryption'97, LNCS 1267 New Block Encryption Algorithm MISTY Matsui, M.
  6. IEICE Trans. Fundamentals v.E80-A no.1 On Non-Pseudorandomness from Block Ciphers with Provable Immunity against Linear Cryptanalysis Sakurai, K.;Zheng, Y.
  7. FSE 2001, LNCS 2355 New Results on the Pseudorandomness of Some Block Cipher Constructions Gilbert, H.;Minier, M.
  8. ACISP2001, LNCS 2119 Pseudorandomness of MISTY-Type Transformations and the Block Cipher KASUMI Kang, J.S.;Yi, O.Y.;Hong, D.W.;Cho, H.S.
  9. FSE2001, LNCS 2355 Round Security and Super-Pseudorandomness of MISTY Type Structure Iwata, T.;Yoshino, T.;Yuasa, T.;Kurosawa, K.
  10. FSE 2002, LNCS 2365 Non-Cryptographic Primitive for Pseudorandom Permutation Iwata, T.;Yoshino, T.;Kurosawa, K.
  11. 3G TS 35.201, Specification of the 3GPP Confidentiality and Integrity Algorithm; Document 1: f8 and f9 specifications
  12. ASIACRYPT 2001, LNCS2248 Provable Security of KASUMI and 3GPP Encryption mode f8 Kang, JS.;Shin, S.U.;Hong, D.W.;Yi, O.Y.
  13. Advances in Cryptology-Crypto'94, LNCS 839 The Security of Cipher Block Chaining Message Authentication Codes Bellare, M.;Kilian, J.;Rogaway, P.
  14. 38th Symp. on Foundations of Computer Science (FOCS), IEEE Computer Society A Concrete Security Treatment of Symmetric Encryption: Analysis of the DES Modes of Operation Bellare, M.;Desai, A.;Jokipii, E.;Rogaway, P.
  15. DEAL-A 128-Bit Block Cipher, Technical report 151 Knudsen, L.R.
  16. ASIACRYPT 2001, LNCS 2248 Generic Attacks on Feistel Schemes Patarin, J.
  17. 3GDP SAGE, Report on the Evaluation of 3GPP Standard Confidentiality and Integrity Algorithms, SAGE version 2.0
  18. Advances in Cryptology-Eurocrypt 2001, LNCS 2045 Cryptanalysis of Reduced-Round MISTY Kuhn, U.