Chapter 5 - integral cryptanalysis
Abstract
The history of integral cryptanalysis is a little complicated, and the most important papers to study regarding it are not in fact the ones in which it was first defined. We give a brief recap here. In 1997, Daemen, Knudsen, and Rijmen published a paper [3] describing a new cipher. This cipher, SQUARE, was a forerunner of Rijndael [10], the eventual AES, and was designed using the same wide trail strategy to provide security against differential and linear cryptanalysis. However, while working on the paper, the authors discovered a new kind of chosen-plaintext attack which broke six rounds of SQUARE. Since SQUARE had originally been designed with this many rounds, the authors were forced to add more rounds and to publish details of the attack as well as the cipher. The attack (not at the time given a name, but later referred to as the “Square attack”) did not scale well to attack more rounds, and also bore certain similarities to linear and differential cryptanalysis. Because of this, and because of the level of diffusion stipulated by the wide trail strategy, the authors decided that only two extra rounds needed to be added to the cipher to defeat the attack. Although the attack was specific to SQUARE, the similarities between SQUARE and Rijndael, as well as the cipher CRYPTON [8], meant that it could easily be adapted to these ciphers. Again, it broke six rounds of Rijndael, in an attack much the same as the attack against SQUARE, and the creator of CRYPTON conjectured [8] that it would not break more than six rounds of that either. Lucks [9] went on to generalise the attack to non-SQUARE-like ciphers. He used it to attack the Feistel cipher Twofish [4], and renamed his generalised attack the “saturation attack”.
Other ciphers were attacked using modifications of the original techniques (in papers including [1], [5], [2]) until Knudsen and Wagner [7] drew the various divergent techniques together into a single framework, came up with the term integral cryptanalysis, and defined the more powerful higher-order integral attack.
Similar resources
Experiment: Verification of the Acoustic Model and Determination of the Acoustic Loss Factor
In the preceding chapter, a method to compute the internal acoustic response of a simply supported cylinder with rigid ends was presented. The solution is based on the Kirchhoff-Helmholtz integral and uses the spatial accelerance response of the cylinder wall to compute the internal acoustic response at any point within the cylinder. The radiating structural surface is divided into a set of small ...
Improved Integral Cryptanalysis of FOX Block Cipher 1
FOX is a new family of block ciphers presented recently, which is based upon some results on proven security and has high performances on various platforms. In this paper, we construct some distinguishers between 3-round FOX and a random permutation of the blocks space. By using integral attack and collision-searching techniques, the distinguishers are used to attack on 4, 5, 6 and 7-round of F...
Integral Cryptanalysis of Round-reduced Prince Cipher
The lightweight cryptographic algorithm Prince is an intensively studied cipher in the last 3 years. In order to enhance the cryptanalysis efforts and to encourage the design of practical attacks against the algorithm, the designers organized the Prince Challenge. In this paper we introduce two integral attacks on 5-round and 6-round reduced Prince. The attacks, based on a 4.5 rounds integral d...
Chapter 5: Propagation and Correlation
In this chapter we treat difference propagation and input-output correlation in Boolean mappings and iterated Boolean transformations. Difference propagation is specifically exploited in differential cryptanalysis (DC), invented by Eli Biham and Adi Shamir [BiSh91]. Input-output correlation is exploited in linear cryptanalysis (LC), invented by Mitsuru Matsui [Ma93]. Both DC and LC were success...
Integral Cryptanalysis and Higher Order Differential Attack
Integral cryptanalysis and higher order differential attack are chosen (or known) plaintext attacks on block ciphers. These attacks have been developed independently and become widely used as strong tools to analyze the security of block ciphers. In this paper, basic idea of these attacks including brief historical comments is described. We give some recent applications of integral cryptanalysis...