Impossible Differential Cryptanalysis of BORON

BORON as a novel ultra-lightweight block cipher has some favorable properties, e.g. faster encryption speed and particular low power encryption design for pervasive computing and so on. Currently, the security of BORON encryption algorithm has extensively received attention. However, it still appears to be an interesting and crucial task to determine BORON encryption algorithm against impossible differential attack. In this article, the security of BORON encryption algorithm against the impossible differential attack is deeply investigated. In the first place, basing on both the differential property of the S-box and the algorithm structure of BORON cipher, 160 new 6-round impossible differential distinguishers are attained by using the MILP (Mixed-Integer Linear Programming) automated search model. Moreover, an impossible differential attack on 10-round reduced BORON cipher is proposed, where the 6-round impossible differential distinguishers is further extended forward 2-round and backward 2-round respectively. It is illustrated that this new attack requires about 2^(43.52) chosen data, 2^(62.08) 10-round encryption operations, and 2^(44.52) bits memory. Compared with the previous results, this attack achieves the highest attacking round number and the lowest data complexity.