This paper proposes a new higher order differential attack. The higher order differential attack proposed at FSE’97 by Jakobsen and Knudsen used exhaustive search for recovering the last round key. Our new attack improves the complexity to the cost of solving a linear system of equations. As an example we show the higher order differential attack of a CAST cipher with 5 rounds. The required num...

This paper examines the strength of CLEFIA against multiple bytes differential fault attack. Firstly, it presents the principle of CLEFIA algorithm and differential fault analysis; then, according to injecting faults into the r,r1,r-2 CLEFIA round three conditions, proposes three fault models and corresponding analysis methods; finally, all of the fault model and analysis methods above have bee...

Although SHA-1 has been theoretically broken for some time now, the task of finding a practical collision is yet to be completed. Using some new approaches to differential analysis, we were able to find a new differential path which can be used in a collision attack with complexity of O(2). This is currently the lowest complexity attack on SHA-1.

In this paper, we propose a modified approach for the basic meet-in-the-middle attack which we call differential sieving for 2-step matching. This technique improves the scope of the basic meet in the middle attack by providing means to extend the matching point for an extra round through differential matching and hence the overall number of the attacked rounds is extended. Our approach starts ...

This paper introduces a more in-depth cryptanalysis framework for tweakable cryptosystems than Cube Attack, Cube Tester, algebraic IV differential attack (AIDA), and higher order differential cryptanalysis in Boolean algebra. Through the view of the new framework, the differences among these existing analysis methods are clarified. Furthermore, a principle is proposed to design secure systems a...

We analyze the security of the SC2000 block cipher against both differential and linear attacks. SC2000 is a six-and-a-half-round block cipher, which has a unique structure that includes both the Feistel and Substitution-Permutation Network (SPN) structures. Taking the structure of SC2000 into account, we investigate oneand two-round iterative differential and linear characteristics. We present...

In this paper we propose a novel cryptanalytic method against multivariate schemes, which adapts differential cryptanalysis to this setting. In multivariate quadratic systems, the differential of the public key is a linear map and has invariants such as the dimension of the kernel. Using linear algebra, the study of this invariant can be used to gain information on the secret key. We successful...

SHACAL is a 160-bit block cipher based on the hash standard SHA-1, as a submission to NESSIE. SHACAL uses the XOR, modular addition operation and the functions of bit-by-bit manner. These operations and functions make the differential cryptanalysis difficult, i.e, it is hard to find a long differential characteristic with high probability. But, we can find short differential characteristics wit...

Masking is one of the efficient and easily implemented countermeasures to protect cryptographic algorithms in such resource limited environments as smart-cards from differential power analysis as well as simple power analysis that were first introduced by Kocher et al. in 1999. To defend differential power analysis attacks, Akkar and Giraud presented a Transformed Masking Method and applied it ...