Yosuke Todo

※Please go to my new webpage.

About me

  • I'm a researcher of NTT Secure Platform Laboratories, NTT Corporation, Japan.
  • I received my Ph.D from Kobe University in March 2017 (supervisor : Masakatu Morii).
  • The title of my Ph.D Thesis is "Integral Cryptanalysis against Symmetric-Key Cryptosystems."
  • My research area is cryptography. Especially, the design and analysis of the symmetric-key cryptography.

Publication Lists

-International Conference

[21] "Cube Attacks on Non-Blackbox Polynomials based on Division Property,"
Yosuke Todo, Takanori Isobe, Yonglin Hao, and Willi Meier, CRYPTO, 2017, LNCS, vol.?????, pp.??-??, 2017.
[20] "Low-Data Complexity Attacks on Camellia,"
Takeru Koie, Takanori Isobe, Yosuke Todo, and Masakatu Morii, ATIS, 2017, CCIS, vol.?????, pp.??-??, 2017.
[19] "Improved Integral Attack on HIGHT,"
Yuki Funabiki, Yosuke Todo, Takanori Isobe, and Masakatu Morii, ACISP, 2017, LNCS, vol.10342, pp.363-383, 2017.
[18] "New Algorithm for Modeling S-box in MILP Based Differential and Division Trail Search,"
Yu Sasaki and Yosuke Todo, SecITC, 2017, LNCS, vol.?????, pp.???-???, 2017.
[17] "New Impossible Differential Search Tool from Design and Cryptanalysis Aspects -- Revealing Structural Properties of Several Ciphers,"
Yu Sasaki and Yosuke Todo, EUROCRYPT Part III, 2017, LNCS, vol.10212, pp.185-215, 2017.
[16] "Nonlinear Invariant Attack --Practical Attack on Full SCREAM, iSCREAM, and Midori64,"
Yosuke Todo, Gregor Leander, and Yu Sasaki, ASIACRYPT Part II, 2016, LNCS, vol.10032, pp.3-33, 2016.
This paper won Asiacrypt 2016 Award Papers.
[15] "Compact Representation for Division Property,"
Yosuke Todo and Masakatu Morii, CANS, 2016, LNCS, vol.10052, pp.19-35, 2016.
[14] "New Conditional Differential Cryptanalysis for NLFSR-Based Stream Ciphers and Application to Grain v1,"
Yuhei Watanabe, Yosuke Todo and Masakatu Morii, AsiaJCIS, 2016, 2016.
[13] "New Differential Bounds and Division Property of LILLIPUT: Block Cipher with Extended Generalized Feistel Network,"
Yu Sasaki and Yosuke Todo, SAC, 2016, LNCS, vol.????, pp.???-???, 2016.
[12] "Wide Trail Design Strategy for Binary MixColumns,"
Yosuke Todo and Kazumaro Aoki, ACNS, 2016, LNCS, vol.9696, pp.467-484, 2016.

[11] "Bit-Based Division Property and Application to Simon Family,"
Yosuke Todo and Masakatu Morii, FSE, 2016, LNCS, vol.9783, pp.357-377, 2016.
(full version)
[10] "Integral Cryptanalysis on Full MISTY1,"
Yosuke Todo, CRYPTO Part I, 2015, LNCS, vol.9215, pp.413-432, 2015.
This paper won the Best Paper Award and Best Young Researcher Award.
(full version)
[9] "Structural Evaluation by Generalized Integral Property,"
Yosuke Todo, EUROCRYPT Part I, 2015, LNCS, vol.9056, pp.287-314, 2015.
(ePrint version)
[8] "How Much Can Complexity of Linear Cryptanalysis Be Reduced?,"
Sho Sakikoyama, Yosuke Todo, Kazumaro Aoki, and Masakatu Morii, ICISC 2014, LNCS, vol.8949, pp.117-131, 2014.
[7] "Cryptanalysis of Reduced-Round SIMON32 and SIMON48,"
Qingju Wang, Zhiqiang Liu, Kerem Varici, Yu Sasaki, Vincent Rijmen, and Yosuke Todo, INDOCRYPT 2014, LNCS, vol.8885, pp.143-160, 2014.
(full version)
[6] "FFT Key Recovery for Integral Attack,"
Yosuke Todo and Kazumaro Aoki, CANS 2014, LNCS, vol.8813, pp.64-81, 2014.
(preliminary version in ePrint)
[5] "Practical Cryptanalysis of a Public-Key Encryption Scheme Based on New Multivariate Quadratic Assumptions,"
Martin R. Albrecht, Jean-Charles Faugère, Robert Fitzpatrick, Ludovic Perret, Yosuke Todo, and Keita Xagawa, PKC 2014, LNCS, vol.8383, pp.446-464, 2014.
(preliminary version in ePrint)
[4] "New Property of Diffusion Switching Mechanism on CLEFIA and Its Application to DFA,"
Yosuke Todo and Yu Sasaki, IWSEC 2013, LNCS, vol.8231, pp.99-114, 2013.
[3] "Upper Bounds for the Security of Several Feistel Networks,"
Yosuke Todo, ACISP 2013, LNCS, vol.7959, pp.302-317, 2013.
[2] "Proposal of a Secure WEP Operation against Existing Key Recovery Attacks and its Evaluation,"
Tsubasa Tsukaune, Yosuke Todo, and Masakatu Morii, AsiaJCIS 2012, 2012.
[1] "Effective Falsification Attack on WPA-TKIP by Modifying Any Packet to QoS Packet,"
Yosuke Todo, Toshihiro Ohigashi, and Masakatu Morii, JWIS 2010, pp.118-132, 2010.

-Journal and Letter

[8] "Analysis of AES, SKINNY, and Others with Constraint Programming," 
Siwei Sun, David Gerault, Pascal Lafourcade, Qianqian Yang, Yosuke Todo, Kexin Qiao, and Lei Hu, IACR Transactions on Symmetric Cryptology (ToSC), Vol. 2017, No.1, pp.281-306.
[7] "Integral Cryptanalysis on Full MISTY1," 
Yosuke Todo, Journal of Cryptology, 2016.
(preliminary version appeared in CRYPTO 2015)
[6] "Efficient Implementations for Practical Linear Cryptanalysis and Its Application to FEAL-8X,"
Sho Sakikoyama, Yosuke Todo, Kazumaro Aoki, and Masakatu Morii, IEICE Trans., Vol. E99-A, No 1, pp.31-38, 2016.
(preliminary version appeared in ICISC 2015)
[5] "Impossible Differential Attack against 14-Round Piccolo-80 without Relying on Full Code Book,"
Yosuke Todo, IEICE Trans., Vol. E99-A, No 1, pp.154-157, 2016.
[4] "Fast Fourier Transform Key Recovery for Integral Attacks,"
Yosuke Todo and Kazumaro Aoki, IEICE Trans., Vol. E98-A, No 9, pp.1944-1952, 2015.
(preliminary version appeared in CANS 2014)
(preliminary version in ePrint)
[3] "Upper Bounds for the Security of Several Feistel Networks,"
Yosuke Todo, IEICE Trans., Vol. E98-A, No 1, pp.39-48, 2015.
(preliminary version appeared in ACISP 2013)
[2] "Falsification Attacks against WPA-TKIP in a Realistic Environment,"
Yosuke Todo, Yuki Ozawa, Toshihiro Ohigashi, and Masakatu Morii, IEICE Trans., vol. E95-D, no.2, pp.588-595, 2012.
(preliminary version appeared in JWIS 2010)
[1] "Cryptanalysis for RC4 and Breaking WEP/WPA-TKIP,"
Masakatu Morii and Yosuke Todo, IEICE Trans., Vol. E94-D, No.11, pp.2087-2094, 2011.

-Invited Talk

[6] "Cube Attacks on Non-Blackbox Polynomials based on Division Property"
Yosuke Todo, Takanori Isobe, Yonglin Hao, and Willi Meier, ESC 2017, Seminar talk, January 16, 2017.
[5] "Division Property: Efficient Method to Estimate Upper Bound of Algebraic Degree"
Yosuke Todo, Mycrypt 2016, Insight talk, December 1, 2016.
[4] "Nonlinear Invariant Attack,"
Yosuke Todo, ASK 2016, Invited talk, September 28, 2016.
[3] "Division Property: Efficient Method to Estimate the Algebraic Degree,"
Yosuke Todo, IWSEC 2016, Keynote talk, September 13, 2016.
[2] "What is Integral Cryptanalysis? -- First theoretical cryptanalysis on full MISTY1,"
Yosuke Todo, HGI seminar talk, Ruhr-University Bochum, February 18, 2016.
[1] "Design for Involutive Symmetric-Key Primitive,"
Yosuke Todo, IWSEC 2015, SCIS/CSS Invited Session, August 28, 2015.

-Ph.D Thesis

[1] "Integral Cryptanalysis against Symmetric-Key Cryptosystems"
Yosuke Todo, Kobe University, March, 2017.



Jan. 2016, SCIS Best Papers Award, SCIS 2015, IEICE, ISEC.
Aug. 2015, CRYPTO 2015 Best Paper Award, IACR.
Aug. 2015, CRYPTO 2015 Best Young Researcher Award, IACR.


Editorial board member of IACR Transaction on Symmetric Cryptology (ToSC) 2017 (Program committee member of FSE2018).
Program committee member of ASIACRYPT 2016.
Program committee member of EUROCRYPT 2016.
Organizing committee of SCIS 2016.


2014          Minalpher, Authenticated Encryption with Associated Data