Related-key impossible differential cryptanalysis on lightweight cipher TWINE

Lightweight block cipher is usually used in smart environment to protect confidentiality as well as to authentication. TWINE is a lightweight block cipher proposed by Japan scholar in SAC 2012 suits for kinds of platform from software to hardware. The cipher algorithm iterates a generalized Feistel structure with an improved block shuffle each sub-block includes an SP type round function. It with 64-bit block size, supports 80/128-bit key size and has 36 rounds iteration. This paper further investigates the security of TWINE, presents a new related-key impossible differential attack on reduced-round TWINE with 80-bit key (i.e. TWINE-80). By choosing the relations of keys carefully and exploring an equivalent structure of TWINE based on analysis of the encryption process, we show a 17-round related-key differential and then construct a 15-round related-key impossible differential trial. By using this trail, a 24-round related-key impossible differential attack on TWINE-80 is conducted. The result shows that the known impossible differential attack on TWINE-80 can be improved by one round.