Polynomial-Advantage Cryptanalysis of 3D Cipher and 3D-Based Hash Function

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 7631)

Abstract

This paper evaluates a block cipher mode in which the round functions of both the key schedule and the encryption process are independent of the round index. Previously, the related-key attack has been applied to this block cipher mode, and it works no matter how many rounds are iterated in the cipher. This paper presents an accelerated key-recovery attack on this block cipher mode in the single-key setting. Similarly, our attack also works no matter how many rounds are iterated in the cipher. More interestingly, the effectiveness of our attack, e.g. the relative advantage, increases with the number of rounds.

3D is a dedicated block cipher following the target mode. We apply the key-recovery attack to the 3D cipher and extend it to collision and preimage attacks on 3D-based hash functions. For an \(l\)-round instance of 3D (the designer recommends \(l = 22\)), the complexity of recovering the secret key is \(2^{512}/\sqrt{l/2}\) data, \(2^{512}/\sqrt{l/2}\) offline computation, and \(2^{512}/\sqrt{l/2}\) memory, with success probability 0.63. Thus, compared with the brute-force attack, the attack is accelerated by a factor of \(0.315 \cdot \sqrt{l/2}\) in terms of total computations (including both online and offline computations) under the same success probability 0.63. The total computations for finding a collision and a preimage on 3D-based hash functions are \(2^{257}/l\) and \(2^{513}/l\) respectively, namely accelerated by a factor of \(l/2\) in terms of total computations under the same success probability. Moreover, unlike the key-recovery attack, the collision and preimage attacks do not need to increase the memory requirement compared with the brute-force attack.

Finally we stress that all our attacks are polynomial-advantage attacks.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wang, L., Sasaki, Y., Sakiyama, K., Ohta, K. (2012). Polynomial-Advantage Cryptanalysis of 3D Cipher and 3D-Based Hash Function. In: Hanaoka, G., Yamauchi, T. (eds) Advances in Information and Computer Security. IWSEC 2012. Lecture Notes in Computer Science, vol 7631. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34117-5_11

  • DOI: https://doi.org/10.1007/978-3-642-34117-5_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34116-8

  • Online ISBN: 978-3-642-34117-5

  • eBook Packages: Computer Science, Computer Science (R0)
