In CRYPTO’89, Merkle presented three double-block-length hash functions based on DES. They are optimally collision resistant in a black-box model, that is, the time complexity of any collision-finding algorithm for them is Ω(2 ) if DES is a random block cipher, where is the output length. Their drawback is that their rates are low. In this article, new double-block-length hash functions with hi...

In this paper, we will present an estimation for the upper-bound of the amount of 16-bytes plaintexts for English texts, that is not sufficient large make clear that the block ciphers with block length no more than 16-bytes will be subject to recover plaintext attacks in the occasions of plaintext -known or plaintext-chosen attacks.

Magpie is a lightweight block cipher proposed by Li et al. in Acta Electronica Sinica volumn 45, issue 10. It adopts an substitution-permutation network (SPN) structure with size of 64 bits and the key 96 bits, respectively. To achieve consistency encryption decryption, which both hardware software friendly, 16 are used as control signals to select S-boxes another determine order operations. As...

Characterization of the fault space of a cipher to filter out a set of faults potentially exploitable for fault attacks (FA), is a problem with immense practical value. A quantitative knowledge of the exploitable fault space is desirable in several applications, like security evaluation, cipher construction and implementation, design, and testing of countermeasures etc. In this work, we investi...

We argue that the invertibility of a block cipher can reduce the security of schemes that use it, and a better starting point for scheme design is the non-invertible analog of a block cipher, that is, a pseudorandom function (PRF). Since a block cipher may be viewed as a pseudorandom permutation, we are led to investigate the reverse of the problem studied by Luby and Rackoff, and ask: “how can...

Block cipher analysis covers randomness analysis and cryptanalysis. This paper proposes a new method potentially used for randomness analysis and cryptanalysis. The method uses true random sequence concept as a reference for measuring randomness level of a random sequence. By using this concept, this paper defines bias which represents violation of a random sequence from true random sequence. I...

Attacks on double block length hash functions using a block cipher are considered in this paper. We present a general free-start attack, in which the attacker is free to choose the initial value, and a real attack on a large class of hash functions. Recent results on the complexities of attacks on double block hash functions are summarized.

We present new techniques for deriving preimage resistance bounds for block cipher based double-block-length, double-call hash functions. We give improved bounds on the preimage security of the three “classical” double-block-length, double-call, block cipher-based compression functions, these being Abreast-DM, Tandem-DM and Hirose’s scheme. For Hirose’s scheme, we show that an adversary must ma...

RoadRunneR is a small and fast bitslice lightweight block cipher for low cost 8-bit processors proposed by Adnan Baysal and Sähap Şahin in the LightSec 2015 conference. While most software efficient lightweight block ciphers lacking a security proof, RoadRunneR’s security is provable against differential and linear attacks. RoadRunneR is a Feistel structure block cipher with 64-bit block size. ...