Abstract
We report on differential and linear analysis of the full 8.5-round WIDEA-n ciphers for n ∈ {4,8}, under weak-key assumptions. The novelty in our attacks include the use of differential and linear relation patterns that allow to bypass the diffusion provided by MDS codes altogether. Therefore, we can attack only a single IDEA instance out of n copies, effectively using a narrow trail for the propagation of differences and masks across WIDEA-n. In fact, the higher the value of n, the better the attacks become. Our analyses apply both to particular MDS matrices, such as the one used in AES, as well as general MDS matrices. Our attacks exploit fixed points of MDS matrices. We also observed a curious interaction between certain differential/linear patterns and the coefficients of MDS matrices for non-trivial fixed points. This interaction may serve as an instructive design criterion for block cipher designs such as WIDEA-n. The authors of WIDEA-n suggested a compression function construction using WIDEA-8 in Davies-Meyer mode. In this setting, the weaknesses identified in this paper can lead to free-start collisions and even actual collisions depending on the output transformation of the hash function.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Courtois, N.: Algebraic complexity reduction and cryptanalysis of GOST, IACR ePrint archive 2011/626 (2011)
Daemen, J., Govaerts, R., Vandewalle, J.: Weak Keys for IDEA. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 224–231. Springer, Heidelberg (1994)
Dinur, I., Dunkelman, O., Shamir, A.: Improved attacks on full GOST, IACR ePrint archive, 2011/558 (2011)
FIPS197: Advanced Encryption Standard (AES), FIPS PUB 197 Federal Information Processing Standard Publication 197, U.S. Department of Commerce (2001)
ISO: Information Technology – Security Techniques – Hash functions – Part 3: Dedicated hash functions. ISO/IEC 10118-3:2004, International Organization for Standardization (2004)
Junod, P., Macchetti, M.: Revisiting the IDEA Philosophy. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 277–295. Springer, Heidelberg (2009)
Lai, X., Massey, J.L., Murphy, S.: Markov Ciphers and Differential Cryptanalysis. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 17–38. Springer, Heidelberg (1991)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press (1997)
Nakahara Jr., J., Rijmen, V., Preneel, B., Vandewalle, J.: The MESH Block Ciphers. In: Chae, K., Yung, M. (eds.) WISA 2003. LNCS, vol. 2908, pp. 458–473. Springer, Heidelberg (2004)
SHS: Secure Hash Standard, Federal Information Processing Standards, FIPS PUB 180-3 (October 2008)
Vaudenay, S.: Related-key attack against triple encryption based on fixed points. In: SECRYPT 2011, pp. 59–67. SciTPress (2011)
Wei, L., Peyrin, T., Sokolowski, P., Ling, S., Pieprzyk, J., Wang, H.: On the (in)security of IDEA in various hashing modes. IACR ePrint archive, 2012/264 (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nakahara, J. (2012). Differential and Linear Attacks on the Full WIDEA-n Block Ciphers (under Weak Keys). In: Pieprzyk, J., Sadeghi, AR., Manulis, M. (eds) Cryptology and Network Security. CANS 2012. Lecture Notes in Computer Science, vol 7712. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35404-5_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-35404-5_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35403-8
Online ISBN: 978-3-642-35404-5
eBook Packages: Computer ScienceComputer Science (R0)