How to Protect DES Against Exhaustive Key Search
نویسندگان
چکیده
The block cipher DESX is de ned by DESXk:k1:k2(x) = k2 DESk(k1 x), where denotes bitwise exclusive-or. This construction was rst suggested by Ron Rivest as a computationally-cheap way to protect DES against exhaustive key-search attacks. This paper proves, in a formal model, that the DESX construction is sound. We show that, when F is an idealized block cipher, FXk:k1:k2(x) = k2 Fk(k1 x) is substantially more resistant to key search than is F . In fact, our analysis says that FX has an e ective key length of at least +n 1 lgm bits, where is the key length of F , n is the block length, and m bounds the number of hx; FXK(x)i pairs the adversary can obtain.
منابع مشابه
Exhaustive Key Search of the DES: Updates and Refinements
Exhaustive key search is the simplest attack against a cryptosystem, but it is sometimes the most realistic. This is specially true for carefully designed block ciphers for which advanced cryptanalysis (e.g. linear, differential) is not applicable. In this paper, we first update the cost of an exhaustive key search of the Data Encryption Standard (DES) using Field Programmable Gate Arrays (FPGA...
متن کاملApplying Quantum Search to a Known-Plaintext Attack on Two-Key Triple Encryption
The process of disguising a plaintext into ciphertext is called encryption and back into plaintext is called decryption. A cryptographic algorithm, is also called a cipher, is the mathematical function used for encryption and decryption. Many algorithms are available for this purpose. Triple DES is such an algorithm. Encryption using triple DES is possible in two different ways; they are triple...
متن کاملNew Attacks against Standardized MACs
In this paper, we revisit the security of several message authentication code (MAC) algorithms based on block ciphers, when instantiated with 64-bit block ciphers such as DES. We essentially focus on algorithms that were proposed in the norm ISO/IEC 9797–1. We consider both forgery attacks and key recovery attacks. Our results improve upon the previously known attacks and show that all algorith...
متن کاملA Genetic Algorithm for Cryptanalysis with Application to DES-like Systems
Various cryptosystems use exhaustive techniques to search the key space. Such search techniques should be guided in order to be computationally adequate. Here, a Genetic Algorithm, GA, is proposed for the cryptanalysis of DES-like systems to find out the underlying key. The genetic algorithm approach is adopted, for obtaining the exact key by forming an initial population of keys that belong to...
متن کاملRelated-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA
We present new related-key attacks on the block ciphers 3WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA. Differential related-key attacks allow both keys and plaintexts to be chosen with specific differences [KSW96]. Our attacks build on the original work, showing how to adapt the general attack to deal with the difficulties of the individual algorithms. We also give specific design principl...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 1996