Correlation Attacks on Block Ciphers

Author

  • Thomas Jakobsen

Abstract

This report presents a new statistical attack on iterative block ciphers called the correlation attack which is a natural generalization of linear cryptanalysis. The attack is based on finding complex-valued functions on the input and the output of a cipher which have a high correlation. Their mutual relation is then exploited to yield information about the final round key. Introducing the notions of imbalance, I/O product, and correlation matrix, it is shown how to measure a cipher's security against the attack, and the mini-cipher IDEA(8) is found to be provably secure (assuming independency of subkeys). Links to other kinds of statistical attacks are explored. In particular, it is shown that the correlation matrix of a cipher and the matrix of differential transition probabilities used with differential cryptanalysis are connected by the 2-dimensional Fourier transform. This implies that correlation cryptanalysis and differential cryptanalysis are essentially of the same strength.


Similar sources

A new CPA resistant software implementation for symmetric ciphers with smoothed power consumption: SIMON case study

In this paper we propose a new method for applying hiding countermeasure against CPA attacks. This method is for software implementation, based on smoothing power consumption of the device. This method is evaluated on the SIMON scheme as a case study; however, it is not relying on any specific SIMON features. Our new method includes only AND equivalent and XOR equivalent operations since every ...


Zero Correlation Linear Cryptanalysis with Reduced Data Complexity

Zero correlation linear cryptanalysis is a novel key recovery technique for block ciphers proposed in [5]. It is based on linear approximations with probability of exactly 1/2 (which corresponds to the zero correlation). Some block ciphers turn out to have multiple linear approximations with correlation zero for each key over a considerable number of rounds. Zero correlation linear cryptanalysi...


A Survey of Cryptanalytic Attacks on Lightweight Block Ciphers

Lightweight block ciphers are used in applications where low power consumption is a requirement along with hardware area constraints regarding their implementation. Design of these ciphers demands an optimal tradeoff between computational efficiency and security. These ciphers being supportive in fast and secure transmission of data from one location to another are prone to several attacks that...


A New Approach to χ Cryptanalysis of Block Ciphers

The first contribution of this paper is a new approach to χ analyses of block ciphers in which plaintexts are chosen in a manner similar to that in a square/saturation attack. The consequence is a faster detection of χ correlation when compared to conventional χ cryptanalysis. The second contribution of the paper is the application of a technique similar to the aforementioned approach, but aide...


Characterizations of the Degraded Boolean Function and Cryptanalysis of the SAFER Family

This paper investigates the degradation properties of Boolean functions from the aspects of the distributions of differences and linear masks, and shows two characterizations of the degraded Boolean function. One is that there exists a linear space of the input differences, where the differentials with the zero output difference have probability 1; Another one is that the input linear masks of ...


All Subkeys Recovery Attack on Block Ciphers: Extending Meet-in-the-Middle Approach

We revisit meet-in-the-middle (MITM) attacks on block ciphers. Despite recent significant improvements of the MITM attack, its application is still restrictive. In other words, most of the recent MITM attacks work only on block ciphers consisting of a bit permutation based key schedule such as KTANTAN, GOST, IDEA, XTEA, LED and Piccolo. In this paper, we extend the MITM attack so that it can be...



Journal title:

Volume   Issue 

Pages  -

Publication year 1996