Avalanche Effect in Improperly Initialized CAESAR Candidates
نویسندگان
چکیده
منابع مشابه
Avalanche Effect in Improperly Initialized CAESAR Candidates
Cryptoprimitives rely on thorough theoretical background, but often lack basic usability features making them prone to unintentional misuse by developers. We argue that this is true even for the state-of-the-art designs. Analyzing 52 candidates of the current CAESAR competition has shown none of them have an avalanche effect in authentication tag strong enough to work properly when partially mi...
متن کاملCryptanalysis of some first round CAESAR candidates
ΑΕS _ CMCCv₁, ΑVΑLΑNCHEv₁, CLΟCv₁, and SILCv₁ are four candidates of the first round of CAESAR. CLΟCv₁ is presented in FSE 2014 and SILCv₁ is designed upon it with the aim of optimizing the hardware implementation cost. In this paper, structural weaknesses of these candidates are studied. We present distinguishing attacks against ΑES _ CMCCv₁ with the complexity of two queries and the success ...
متن کاملNote on the Robustness of CAESAR Candidates
Authenticated ciphers rely on the uniqueness of the nonces to meet their security goals. In this work, we investigate the implications of reusing nonces for three third-round candidates of the ongoing CAESAR competition, namely Tiaoxin, AEGIS and MORUS. We show that an attacker that is able to force nonces to be reused can reduce the security of the ciphers with results ranging from full key-re...
متن کاملBRUTUS: Identifying Cryptanalytic Weaknesses in CAESAR First Round Candidates
This report summarizes our results from security analysis covering all 57 CAESAR first round candidates and over 210 implementations. We have manually identified security issues with three candidates, two of which are more serious, and these ciphers been withdrawn from the competition. We have developed a testing framework, BRUTUS, to facilitate automatic detection of simple security lapses and...
متن کاملHeuristic Tool for Linear Cryptanalysis with Applications to CAESAR Candidates
Differential and linear cryptanalysis are the general purpose tools to analyze various cryptographic primitives. Both techniques have in common that they rely on the existence of good differential or linear characteristics. The difficulty of finding such characteristics depends on the primitive. For instance, AES is designed to be resistant against differential and linear attacks and therefore,...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Electronic Proceedings in Theoretical Computer Science
سال: 2016
ISSN: 2075-2180
DOI: 10.4204/eptcs.233.7