A New Class of Collision Attacks and Its Application to DES

  • Kai Schramm
  • Thomas Wollinger
  • Christof Paar
Conference paper

DOI: 10.1007/978-3-540-39887-5_16

Volume 2887 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Schramm K., Wollinger T., Paar C. (2003) A New Class of Collision Attacks and Its Application to DES. In: Johansson T. (eds) Fast Software Encryption. FSE 2003. Lecture Notes in Computer Science, vol 2887. Springer, Berlin, Heidelberg

Abstract

Until now in cryptography the term collision was mainly associated with the surjective mapping of different inputs to an equal output of a hash function. Previous collision attacks were only able to detect collisions at the output of a particular function. In this publication we introduce a new class of attacks which originates from Hans Dobbertin and is based on the fact that side channel analysis can be used to detect internal collisions. We applied our attack against the widely used Data Encryption Standard (DES). We exploit the fact that internal collisions can be caused in three adjacent S-Boxes of DES [DDQ84] in order to gain information about the secret key-bits. As result, we were able to exploit an internal collision with a minimum of 140 encryptions yielding 10.2 key-bits. Moreover, we successfully applied the attack to a smart card processor.

Keywords

DES S-Boxes collision attack internal collisions power analysis side channel attacks 
Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Kai Schramm
    • 1
  • Thomas Wollinger
    • 1
  • Christof Paar
    • 1
  1. 1.Department of Electrical Engineering and Information Sciences, Communication Security Group (COSY)Ruhr-Universität Bochum, GermanyBochumGermany