Side Channel Attacks exploit information that leaks from a cryptographic device. Power Analysis is a kind of side channel attack which reveals the key of cryptographic device by analyzing its power consumption. Power analysis attack causes serious threat to the security of cryptographic devices. Differential Power Analysis Attack is most widely used against embedded devices but suffers from few...

An AES-like lightweight block cipher, namely Zorro, was proposed in CHES 2013. While it has a 16-byte state, it uses only 4 S-Boxes per round. This weak nonlinearity was widely criticized, insofar as it has been directly exploited in all the attacks on Zorro reported by now, including the weak key, reduced round, and even full round attacks. In this paper, using some properties discovered by Wa...

Differential cryptanalysis is a well-known statistical attack on block ciphers. We present here a generalisation of this attack called multiple differential cryptanalysis. We study the data complexity, the time complexity and the success probability of such an attack and we experimentally validate our formulas on a reduced version of PRESENT. Finally, we propose a multiple differential cryptana...

Differential cryptanalysis is a well-known statistical attack on block ciphers. We present here a generalisation of this attack called multiple differential cryptanalysis. We study the data complexity, the time complexity and the success probability of such an attack and we experimentally validate our formulas on a reduced version of PRESENT. Finally, we propose a multiple differential cryptana...

Interpolation attack was presented by Jakobsen and Knudsen at FSE’97. Interpolation attack is effective against ciphers that have a certain algebraic structure like the PURE cipher which is a prototype cipher, but it is difficult to apply the attack to real-world ciphers. This difficulty is due to the difficulty of deriving a low degree polynomial relation between ciphertexts and plaintexts. In...

In this work, we study the application of higher-order differential attacks on hash functions. We show a second-order differential attack on the SHA-256 compression function reduced to 46 out of 64 steps. We implemented the attack and give the result in Table 1. The best attack so far (in a different attack model) with practical complexity was for 33 steps of the compression function.

Biham and Chen proposed an attack on SHA-0 at Crypt 2004. In this paper, we apply the Biham-Chen attack to analyze SHAlike hash functions regarding pseudo-collision resistance and pseudorandomness. We present a scenario about how to attack SHA-like hash functions applying the Biham and Chen attack. Using this scenario, we present a differential attack on the MD5 hash function and a differential...

LBlock is a lightweight block cipher proposed in ACNS 2011. It has 64-bit block size and 80-bit key size which is the typical parameter setting accpeted by most of the recent proposed lightweight block ciphers. It has fast hardware implementation efficiency and it still remains rather secure considering the recent results and the security margin it provides. In this paper, we investigate the di...

Knudsen and Berson have applied truncated differential attack on 5 round SAFER K-64 successfully. However, their attack is not efficient when applied on 5 round SAFER SK-64 (with the modified key schedule) and can not be applied on 6 round SAFER. In this paper, we improve the truncated differential attack on SAFER by using better truncated differential and additional filtering method. Our attac...

Related-cipher attack was introduced by Hongjun Wu in 2002 [25]. We can consider related ciphers as block ciphers with the same round function but different number of rounds. This attack can be applied to related ciphers by using the fact that their key schedules do not depend on the total number of rounds. In this paper we introduce differential related-cipher attack on block ciphers, which co...