Attack on Six Rounds of Crypton
نویسندگان
چکیده
In this paper we present an attack on a reduced round version of Crypton. The attack is based on the dedicated Square attack. We explain why the attack also works on Crypton and prove that the entire 256-bit user key for 6 rounds of Crypton can be recovered with a complexity of 2 encryptions, whereas for Square 2 encryptions are required to recover the 128-bit user key.
منابع مشابه
Chapter 5 - integral cryptanalysis
The history of integral cryptanalysis is a little complicated, and the most important papers to study regarding it are not in fact the ones in which it was first defined. We give a brief recap here: In 1997, Daemen, Knudsen, and Rijmen published a paper [3] describing a new cipher. This cipher, SQUARE, was a forerunner of Rijndael [10], the eventual AES, and was designed using the same wide tra...
متن کاملImproved Meet-in-the-Middle Attacks on Round-Reduced Crypton-256
The meet-in-the-middle (MITM) attack has prove to be efficient in analyzing the AES block cipher. Its efficiency has been increasing with the introduction of various techniques such as differential enumeration, key-dependent sieve, super-box etc. The recent MITM attack given by Li and Jin has successfully mounted to 10-round AES-256. Crypton is an AES-like block cipher. In this paper, we apply ...
متن کاملCryptanalysis of Block Ciphers Using Almost-Impossible Differentials
In this paper, inspired from the notion of impossible differentials, we present a model to use differentials that are less probable than a random permutation. We introduce such a distinguisher for 2 rounds of Crypton, and present an attack on 6 rounds of this predecessor AES candidate. As a special case of this idea, we embed parts of the additional rounds around the impossible differential int...
متن کاملRelated-Key Impossible Differential Attacks on Crypton
Crypton is a 12-round block cipher proposed as an AES candidate and Crtpton v1.0 is the revised version. In this paper, we present two related-key impossible differential attacks to reduced-round Crypton and Crypton v1.0. By carefully choosing the relations of keys, constructing some 6round related-key differential trials and using some observations on the cipher, we first break 9-round Crypton...
متن کاملPractical Evaluation of Security against Generalized Interpolation Attack
Interpolation attack was presented by Jakobsen and Knudsen at FSE’97. Interpolation attack is effective against ciphers that have a certain algebraic structure like the PURE cipher which is a prototype cipher, but it is difficult to apply the attack to real-world ciphers. This difficulty is due to the difficulty of deriving a low degree polynomial relation between ciphertexts and plaintexts. In...
متن کامل