
Journal of Cryptology, Volume 7, Issue 4, pp 229–246

New types of cryptanalytic attacks using related keys

  • Eli Biham

Abstract

In this paper we study the influence of key-scheduling algorithms on the strength of blockciphers. We show that the key-scheduling algorithms of many blockciphers inherit obvious relationships between keys, and use these key relations to attack the blockciphers. Two new types of attacks are described: New chosen plaintext reductions of the complexity of exhaustive search attacks (and the faster variants based on complementation properties), and new low-complexity chosen key attacks. These attacks are independent of the number of rounds of the cryptosystems and of the details of the F-function and may have very small complexities. These attacks show that the key-scheduling algorithm should be carefully designed and that its structure should not be too simple. These attacks are applicable to both variants of LOKI and to Lucifer. DES is not vulnerable to the related keys attacks since the shift pattern in the key-scheduling algorithm is not the same in all the rounds.
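The key-schedule property the abstract describes can be checked on a toy cipher. The block below is an added illustration, not code from the paper: the 32-bit Feistel cipher, the rotate-and-truncate key schedule, the round function `f` and all names are assumptions made for the example. It shows that when every round rotates the key by the same amount, a rotated key yields the same subkeys shifted by one round, so the two encryptions differ by a single round regardless of the round count or of `f`; with DES-style shift amounts that vary between rounds, the relation fails.

```python
MASK16, MASK32 = 0xFFFF, 0xFFFFFFFF

def rotl32(x, s):
    s %= 32
    return ((x << s) | (x >> (32 - s))) & MASK32

def subkeys(key, shifts):
    """Toy schedule: rotate the 32-bit key each round, take the top 16 bits."""
    out, state = [], key
    for s in shifts:
        state = rotl32(state, s)
        out.append(state >> 16)
    return out

def f(r, k):
    """Arbitrary toy round function; the relation below does not depend on it."""
    x = (r ^ k) & MASK16
    return ((x * x + 0x9E37) ^ (x >> 3)) & MASK16

def round_fn(block, k):
    left, right = block
    return (right, left ^ f(right, k))

def encrypt(block, key, shifts):
    for k in subkeys(key, shifts):
        block = round_fn(block, k)
    return block

def related_key_relation_holds(key, plaintext, shifts):
    """True if key and its rotation produce encryptions one round apart."""
    related = rotl32(key, shifts[0])
    k, k_rel = subkeys(key, shifts), subkeys(related, shifts)
    # Subkeys of the related key are those of the original, shifted one round.
    schedule_shifted = k_rel[:-1] == k[1:]
    c = encrypt(plaintext, key, shifts)
    # Feed the related key the plaintext after one round under the original key.
    c_rel = encrypt(round_fn(plaintext, k[0]), related, shifts)
    return schedule_shifted and c_rel == round_fn(c, k_rel[-1])

# Constructed sample inputs.
KEY, PLAINTEXT = 0x1234ABCD, (0x0F1E, 0x2D3C)
UNIFORM = [3] * 16  # same shift in every round
DES_LIKE = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]  # DES shift amounts

if __name__ == "__main__":
    print("uniform shifts :", related_key_relation_holds(KEY, PLAINTEXT, UNIFORM))
    print("DES-like shifts:", related_key_relation_holds(KEY, PLAINTEXT, DES_LIKE))
```

A key-schedule design review can run the same check: any pair of distinct keys whose subkey sequences are shifted copies of one another is a warning sign.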

Key words

Key-scheduling algorithm; DES-like cryptosystems; Chosen key attacks; Chosen plaintext attacks; LOKI; Data Encryption Standard



Copyright information

© International Association for Cryptologic Research 1994

Authors and Affiliations

  • Eli Biham, Computer Science Department, Technion—Israel Institute of Technology, Haifa, Israel
