Improved Slide Attacks
نویسندگان
چکیده
The slide attack is applicable to ciphers that can be represented as an iterative application of the same keyed permutation. The slide attack leverages simple attacks on the keyed permutation to more complicated (and time consuming) attacks on the entire cipher. In this paper we extend the slide attack by examining the cycle structures of the entire cipher and of the underlying keyed permutation. Our method allows to find slid pairs much faster than was previously known, and hence reduces the time complexity of the entire slide attack significantly. In addition, since our attack finds as many slid pairs as the attacker requires, it allows to leverage all types of attacks on the underlying permutation (and not only simple attacks) to an attack on the entire cipher. We demonstrate the strength of our technique by presenting an attack on 24-round reduced GOST whose S-boxes are unknown. Our attack retrieves the unknown S-boxes as well as the secret key with a time complexity of about 2 encryptions. Thus, this attack allows an easier attack on other instances of GOST that use the same S-boxes. When the S-boxes are known to the attacker, our attack can retrieve the secret key of 30-round GOST (out of the 32 rounds).
منابع مشابه
Sliding Properties of the DES Key Schedule and Potential Extensions to the Slide Attacks
The DES key schedule is linear and yet defeats related-key cryptanalysis and other attacks that exploit weaknesses in key schedules, for example the slide attacks. In this paper we present new interesting key-pairs of the DES that can be used in related-key attacks to produce sliding properties of the full-round DES key schedule. This is a sort of key schedule weakness from a slide attack point...
متن کاملAdvanced Slide Attacks
Recently a powerful cryptanalytic tool—the slide attack— was introduced [3]. Slide attacks are very successful in breaking iterative ciphers with a high degree of self-similarity and even more surprisingly are independent of the number of rounds of a cipher. In this paper we extend the applicability of slide attacks to a larger class of ciphers. We find very efficient knownand chosen-text attac...
متن کاملSlide Attacks on a Class of Hash Functions
This paper studies the application of slide attacks to hash functions. Slide attacks have mostly been used for block cipher cryptanalysis. But, as shown in the current paper, they also form a potential threat for hash functions, namely for sponge-function like structures. As it turns out, certain constructions for hash-function-based MACs can be vulnerable to forgery and even to key recovery at...
متن کاملRelated-Key Attacks on Triple-DES and DESX Variants
In this paper, we present related-key slide attacks on 2-key and 3-key triple DES, and related-key differential and slide attacks on two variants of DESX. First, we show that 2-key and 3-key triple-DES are susceptible to related-key slide attacks. The only previously known such attacks are related-key differential attacks on 3-key triple-DES. Second, we present a related-key differential attack...
متن کاملRandom Permutation Statistics and an Improved Slide-Determine Attack on KeeLoq
KeeLoq is a lightweight block cipher which is extensively used in the automotive industry [7, 8, 14, 15]. Its periodic structure, and overall simplicity makes it vulnerable to many different attacks. Only certain attacks are considered as really “practical” attacks on KeeLoq: the brute force, and several other attacks which require up to 2 known plaintexts and are then much faster than brute fo...
متن کامل