Abstract
This paper evaluates a block cipher mode, whose round functions of both the key schedule and the encryption process are independent of the round indexes. Previously related-key attack has been applied to such block cipher mode, and it can work no matter how many rounds are iterated in the cipher. This paper presents an accelerated key-recovery attack on this block cipher mode in the single-key setting. Similarly, our attack can also work no matter how many rounds are iterated in the cipher. More interestingly, the effectiveness of our attack, e.g. the relative advantage, increases with the number of rounds.
3D is a dedicated block cipher following the target mode. We apply the key-recovery attack to 3D cipher, and extend it to collision and preimage attacks on 3D-based hash functions. For a l-round instance of 3D (l is recommended as 22 by the designer), the complexity of recovering the secret key is \(2^{512}/\sqrt{l/2}\) data, \(2^{512}/\sqrt{l/2}\) offline computation, and \(2^{512}/\sqrt{l/2}\) memory requirement. And the success probability is 0.63. Thus compared with the brute-force attack, the complexity is accelerated by a factor of \(0.315*\sqrt{l/2}\) in the sense of total computations (including both online and offline computations) under the same success probability 0.63. The total computations of finding collision and preimage on 3D-based hash functions are 2257/l and 2513/l, namely accelerated by a factor of l/2 in the sense of total computations under the same success probability. Moreover, differently from the key-recovery attack, the collision and preimage attacks don’t need to increase the memory requirement compared with the brute-force attack.
Finally we stress that all our attacks are polynomial-advantage attacks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Biham, E.: New Types of Cryptanalytic Attacks Using Related Keys. J. Cryptology 7(4), 229–246 (1994)
Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999)
Biham, E., Shamir, A.: Differential Cryptanalysis of DES-like Cryptosystems. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991)
Biryukov, A., Wagner, D.: Slide Attacks. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, pp. 245–259. Springer, Heidelberg (1999)
Bogdanov, A., Khovratovich, D., Rechberger, C.: Biclique Cryptanalysis of the Full AES. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 344–371. Springer, Heidelberg (2011)
De Cannière, C., Küçük, Ö., Preneel, B.: Analysis of Grain’s Initialization Algorithm. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 276–289. Springer, Heidelberg (2008)
Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Springer (2002)
Davies, D.W., Parkin, G.I.P.: The Average Cycle Size of the Key Stream in Output Feedback Encipherment. In: Chaum, D., Rivest, R.L., Sherman, A.T. (eds.) CRYPTO, pp. 97–98. Plenum Press, New York (1982)
Dong, L., Wu, W., Wu, S., Zou, J.: Known-Key Distinguisher on Round-Reduced 3D Block Cipher. In: Jung, S., Yung, M. (eds.) WISA 2011. LNCS, vol. 7115, pp. 55–69. Springer, Heidelberg (2012)
Gilbert, H., Peyrin, T.: Super-Sbox Cryptanalysis: Improved Attacks for AES-Like Permutations. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 365–383. Springer, Heidelberg (2010)
Granville, A.: Cycle lengths in a permutation are typically Poisson distributed. Electronic Journal of Combinatorics 13, R107 (2006)
Nakahara Jr., J.: 3D: A Three-Dimensional Block Cipher. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) CANS 2008. LNCS, vol. 5339, pp. 252–267. Springer, Heidelberg (2008)
Nakahara Jr., J.: New Impossible Differential and Known-Key Distinguishers for the 3D Cipher. In: Bao, F., Weng, J. (eds.) ISPEC 2011. LNCS, vol. 6672, pp. 208–221. Springer, Heidelberg (2011)
Knudsen, L.R.: Truncated and Higher Order Differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995)
Knudsen, L.R.: DEAL- A 128-bit Block Cipher. Technical Report 151, Department of Informatics, University of Bergen, Beigen, Norway (1998)
Koyama, T., Wang, L., Sasaki, Y., Sakiyama, K., Ohta, K.: New Truncated Differential Cryptanalysis on 3D Block Cipher. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 109–125. Springer, Heidelberg (2012)
Lai, X.: High Order Derivatives and Differential Cryptanalysis. In: Communications and Cryptography, pp. 227–233 (1994)
Matsui, M.: Linear Cryptanalysis Method for DES Cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)
Mendel, F., Rechberger, C., Schläffer, M., Thomsen, S.S.: The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 260–276. Springer, Heidelberg (2009)
Shamir, A.: Dagstuhl Seminar Symmetric Cryptography (2012)
Wagner, D.: The Boomerang Attack. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, pp. 156–170. Springer, Heidelberg (1999)
Wu, H.: Related-Cipher Attacks. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 447–455. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, L., Sasaki, Y., Sakiyama, K., Ohta, K. (2012). Polynomial-Advantage Cryptanalysis of 3D Cipher and 3D-Based Hash Function. In: Hanaoka, G., Yamauchi, T. (eds) Advances in Information and Computer Security. IWSEC 2012. Lecture Notes in Computer Science, vol 7631. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34117-5_11
Download citation
DOI: https://doi.org/10.1007/978-3-642-34117-5_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34116-8
Online ISBN: 978-3-642-34117-5
eBook Packages: Computer ScienceComputer Science (R0)