Efficient Uses of FPGAs for Implementations of DES and Its Experimental Linear Cryptanalysis

نویسندگان

  • Gaël Rouvroy
  • François-Xavier Standaert
  • Jean-Jacques Quisquater
  • Jean-Didier Legat
چکیده

In its basic version, linear cryptanalysis is a known-plaintext attack that uses a linear relation between input-bits, outputbits, and key-bits of an encryption algorithm that holds with a certain probability. If enough plaintext-ciphertext pairs are provided, this approximation can be used to assign probabilities to the possible keys and to locate the most probable one. In 1993, Matsui applied it to DES, becoming the best known attack against DES. In 2000, Knudsen proposed three chosen-plaintext linear attacks, the third one becoming the best chosen-plaintext attack. This paper presents two original FPGA implementations of a DES encryption/decryption core that work at data rates up to 21.3 Gbps (333 MHz). We believe that our implementations are the fastest ones known nowadays. In our design, the plaintext, the key, and the mode (encryption/decrytion) can be changed with no dead cycles. Based on one of our fast DES implementations, we present an FPGA implementation of the known-plaintext linear cryptanalysis of DES. The resulting design is deployed on eight FPGAs and allows us to find 12 + 1 key bits in about 2.3 hours. As a comparison, the fastest software implementation known so far (in 2000) used the idle time of 18 Intel Pentium III MMX and broke a DES key in 4.32 days. Our fast linear cryptanalysis implementation made the performing of practical tests possible, allowing a comparison with Matsui’s theoretical

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Time and Space Complexity Reduction of a Cryptanalysis Algorithm

Binary Decision Diagram (in short BDD) is an efficient data structure which has been used widely in computer science and engineering. BDD-based attack in key stream cryptanalysis is one of the best forms of attack in its category. In this paper, we propose a new key stream attack which is based on ZDD(Zero-suppressed BDD). We show how a ZDD-based key stream attack is more efficient in time and ...

متن کامل

Time and Space Complexity Reduction of a Cryptanalysis Algorithm

Binary Decision Diagram (in short BDD) is an efficient data structure which has been used widely in computer science and engineering. BDD-based attack in key stream cryptanalysis is one of the best forms of attack in its category. In this paper, we propose a new key stream attack which is based on ZDD(Zero-suppressed BDD). We show how a ZDD-based key stream attack is more efficient in time and ...

متن کامل

Linear Cryptanalysis Using Multiple Approximations-Revisited

We present a technique which uses multiple linear approximations in the linear cryptanalysis of a block cipher and allows for a reduction in the amount of data required for a successful attack. Although the method using many linear approximations was already suggested by B. Kaliski and M. Robshaw in 1994, this paper describes an revisited version utilizing a lot of approximations. In this paper...

متن کامل

A new method for accelerating impossible differential cryptanalysis and its application on LBlock

Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In ...

متن کامل

A Family of Light-Weight Block Ciphers Based on DES Suited for RFID Applications

We propose a new block cipher, DESL (DES Lightweight extension), which is strong, compact and efficient. Due to its low chip size constraints DESL is especially suited for RFID (Radio Frequency Identification) devices. Our proposed DESL is based on the classical DES (Data Encryption Standard) design, however, unlike DES it uses a single Sbox repeated eight times. This approach makes it possible...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • IEEE Trans. Computers

دوره 52  شماره 

صفحات  -

تاریخ انتشار 2003