From Differential Cryptanalysis to Ciphertext-Only Attacks

نویسندگان

  • Alex Biryukov
  • Eyal Kushilevitz
چکیده

We present a method for efficient conversion of differential (chosen plaintext) attacks into the more practical known plaintext and ciphertext-only attacks. Our observation may save up to a factor of 2 in data over the known methods, assuming that plaintext is ASCII encoded English (or some other types of highly redundant data). We demonstrate the effectiveness of our method by practical attacks on the block-cipher Madryga and on round-reduced versions of RC5 and DES.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

On the Data Complexity of Statistical Attacks Against Block Ciphers (full version)

Many attacks on iterated block ciphers rely on statistical considerations using plaintext/ciphertext pairs to distinguish some part of the cipher from a random permutation. We provide here a simple formula for estimating the amount of plaintext/ciphertext pairs which is needed for such distinguishers and which applies to a lot of different scenarios (linear cryptanalysis, differentiallinear cry...

متن کامل

A new method for accelerating impossible differential cryptanalysis and its application on LBlock

Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In ...

متن کامل

Cryptanalysis of the Full MMB Block Cipher

The block cipher MMB was designed by Daemen, Govaerts and Vandewalle, in 1993, as an alternative to the IDEA block cipher. We exploit and describe unusual properties of the modular multiplication in ZZ232−1, which lead to a differential attack on the full 6-round MMB cipher (both versions 1.0 and 2.0). Further contributions of this paper include detailed square and linear cryptanalysis of MMB. ...

متن کامل

Forgery Attacks on Round-Reduced ICEPOLE-128

ICEPOLE is a family of authenticated encryptions schemes submitted to the ongoing CAESAR competition and in addition presented at CHES 2014. To justify the use of ICEPOLE, or to point out potential weaknesses, third-party cryptanalysis is needed. In this work, we evaluate the resistance of ICEPOLE-128 against forgery attacks. By using differential cryptanalysis, we are able to create forgeries ...

متن کامل

Block Ciphers Sensitive to Gröbner Basis Attacks

We construct and analyze Feistel and SPN ciphers that have a sound design strategy against linear and differential attacks but for which the encryption process can be described by very simple polynomial equations. For a block and key size of 128 bits, we present ciphers for which practical Gröbner basis attacks can recover the full cipher key requiring only a minimal number of plaintext/ciphert...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1998