The Dhall-Pal Cipher (DPC) is a 128-bit block cipher with a 128-bit key introduced by Dhall and Pal in 2010. It is based on the substitution-permutation network (SPN) structure, and has elements in common with the Advanced Encryption Standard (AES). The most significant differences between the DPC and the AES occur in the linear transformation stage, some components of which are key-dependent in the DPC. In this paper we identify a large set of weak keys for the DPC, and we describe practical attacks enabled by these weak keys. We first present fast distinguishing attacks that succeed for approximately 2~(124) out of the 2~(128) keys. We then describe two plaintext-recovery attacks that succeed for 2~(120) keys. One of these plaintext-recovery attacks can decrypt any ciphertext using only 2~(11) encryptions on average.
展开▼