Improving Implementable Meet-in-the-Middle Attacks by Orders of Magnitude
نویسندگان
چکیده
Meet-in-the-middle attacks, where problems and the secrets being sought are decomposed into two pieces, have many applications in cryptanalysis. A well-known such attack on double-DES requires 256 time and memory; a naive key search would take 2112 time. However, when the attacker is limited to a practical amount of memory, the time savings are much less dramatic. For n the cardinality of the space that each half of the secret is chosen from (n=256 for double-DES), and w the number of words of memory available for an attack, a technique based on parallel collision search is described which requires O( ) times fewer operations and O( ) times fewer memory accesses than previous approaches to meet-in-the-middle attacks. For the example of double-DES, an attacker with 16 Gbytes of memory could recover a pair of DES keys in a knownplaintext attack with 570 times fewer encryptions and 3.7×106 times fewer memory accesses compared to previous techniques using the same amount of memory.
منابع مشابه
New Fixed Point Attacks on GOST2 Block Cipher
GOST block cipher designed in the 1970s and published in 1989 as the Soviet and Russian standard GOST 28147-89. In order to enhance the security of GOST block cipher after proposing various attacks on it, designers published a modified version of GOST, namely GOST2, in 2015 which has a new key schedule and explicit choice for S-boxes. In this paper, by using three exactly identical portions of ...
متن کاملSecurity Amplification against Meet-in-the-Middle Attacks Using Whitening
In this paper we introduce a model for studying meet-in-the-middle attacks on block ciphers, and a simple block cipher construction provably resistant to such attacks in this model. A sideresult of this is a proper formalization for an unproven alternative to DESX proposed by Kilian and Rogaway; this construction can now be shown to be sound in our model. Meet-in-the-middle attacks exploit weak...
متن کاملHigher-Order Differential Meet-in-the-middle Preimage Attacks on SHA-1 and BLAKE
At CRYPTO 2012, Knellwolf and Khovratovich presented a differential formulation of advanced meet-in-the-middle techniques for preimage attacks on hash functions. They demonstrated the usefulness of their approach by significantly improving the previously best known attacks on SHA-1 from CRYPTO 2009, increasing the number of attacked rounds from a 48-round one-block pseudo-preimage without paddi...
متن کاملImproving Tor security against timing and traffic analysis attacks with fair randomization
The Tor network is probably one of the most popular online anonymity systems in the world. It has been built based on the volunteer relays from all around the world. It has a strong scientific basis which is structured very well to work in low latency mode that makes it suitable for tasks such as web browsing. Despite the advantages, the low latency also makes Tor insecure against timing and tr...
متن کاملSieve-in-the-Middle: Improved MITM Attacks (Full Version)
This paper presents a new generic technique, named sieve-in-the-middle, which improves meet-in-the-middle attacks in the sense that it provides an attack on a higher number of rounds. Instead of selecting the key candidates by searching for a collision in an intermediate state which can be computed forwards and backwards, we here look for the existence of valid transitions through some middle s...
متن کامل