Related Key Differential Attacks on 27 Rounds of XTEA and Full-Round GOST
نویسندگان
چکیده
In this paper, we present a related key truncated differential attack on 27 rounds of XTEA which is the best known attack so far. With an expected success rate of 96.9%, we can attack 27 rounds of XTEA using 2 chosen plaintexts and with a complexity of 2 27round XTEA encryptions. We also propose several attacks on GOST. First, we present a distinguishing attack on full-round GOST, which can distinguish it from a random permutation with probability 1−2 using a related key differential characteristic. We also show that H. Seki et al.’s idea combined with our related key differential characteristic can be applied to attack 31 rounds of GOST . Lastly, we propose a related key differential attack on full-round GOST. In this attack, we can recover 12 bits of the master key with 2 chosen plaintexts, 2 encryption operations and an expected success rate of 91.7%.
منابع مشابه
New Linear Attacks on Block Cipher GOST
Defined in the standard GOST 28147-89, GOST is a Soviet and Russian government standard symmetric-key block cipher. GOST has the 64-bit block size and a key length of 256 bits. It is a Feistel network of 32 rounds. In 2010, GOST was submitted to ISO 18033 to become a worldwide industrial encryption standard. GOST 28147-89 has also been published as informational RFC 5830 with IETF. In this pape...
متن کاملImpossible Differential Cryptanalysis of the Lightweight Block Ciphers TEA, XTEA and HIGHT
TEA, XTEA and HIGHT are lightweight block ciphers with 64-bit block sizes and 128-bit keys. The round functions of the three ciphers are based on the simple operations XOR, modular addition and shift/rotation. TEA and XTEA are Feistel ciphers with 64 rounds designed by Needham and Wheeler, where XTEA is a successor of TEA, which was proposed by the same authors as an enhanced version of TEA. HI...
متن کاملFirst Differential Attack on Full 32-Round GOST
GOST 28147-89 is a well-known block cipher and the official encryption standard of the Russian Federation. A 256-bit block cipher considered as an alternative for AES-256 and triple DES, having an amazingly low implementation cost and thus increasingly popular and used [12,15,13,20]. Until 2010 researchers have written that: “despite considerable cryptanalytic efforts spent in the past 20 years...
متن کاملTotal break of Zorro using linear and differential attacks
An AES-like lightweight block cipher, namely Zorro, was proposed in CHES 2013. While it has a 16-byte state, it uses only 4 S-Boxes per round. This weak nonlinearity was widely criticized, insofar as it has been directly exploited in all the attacks on Zorro reported by now, including the weak key, reduced round, and even full round attacks. In this paper, using some properties discovered by Wa...
متن کاملAdvanced Truncated Differential Cryptanalysis of GOST Block Cipher
Differential Cryptanalysis (DC) is one of the oldest and most powerful techniques in the area of symmetric cryptanalysis. It is a chosen plaintext attack and its discovery was attributed to Eli Biham and Adi Shamir in the later 1980’s since they were the first to publish a differential attack against the FEAL block cipher and then a similar attack against DES [5, 6]. However, according to a mem...
متن کامل