Abstract
This paper proposes “Matching Models A, B, and C” for the meet-in-the-middle attacks against a message with digital signature to provide a more sound foundation for the calculation of the probability of success. The typical procedures by Yuval and by Merkle are regarded as Model A or “birthday paradox in two groups,” and are different from the classical birthday paradox. Models B and C are applicable for other similar procedures.
The relationship of Matching Models and probabilistic models for testing the algebraic structure of DES is also discussed.
Article PDF
Similar content being viewed by others
Avoid common mistakes on your manuscript.
References
S. G. Akl, On the security of compressed encodings, inAdvances in Cryptology—Proceedings of Crypto '83, ed. D. Chaum, Plenum, New York, 1984, pp. 209–230.
D. Coppersmith, Another birthday attack, inAdvances in Cryptology—Crypto '85, ed. H. C. Williams, Lecture Notes in Computer Science, No. 218, Springer-Verlag, New York, 1985, pp. 14–17.
D. W. Davies and W. L. Price, The application of digital signatures based on public key cryptosystems,5th Int. Conf. on Comput. Commun., Oct. 1980, pp. 525–530.
W. Feller,An Introduction to Probability Theory and Its Applications, Vol. 1, 3rd edn., Wiley, New York, 1968.
R. L. Graham, D. E. Knuth, and O. Patashnik,Concrete Mathematics, Addison-Wesley, Reading, MA, 1989.
N. L. Johnson and S. Kotz,Urn Models and Their Applications, Wiley, New York, 1977.
B. S. Kaliski, Jr., R. L. Rivest, and A. T. Sherman, Is the Data Encryption Standard a group? (Results of cycling experiments on DES),J. Cryptology, Vol. 1(1) (Apr. 1988), pp. 3–36.
D. E. Knuth,The Art of Computer Programming, Vol. 2, 2nd edn., Addison-Wesley, Reading, MA, 1981 (Exercise 3.1.12).
C. Mueller-Schloer, DES-generated checksums for electronic signatures,Cryptologia, Vol. 7(3) (July 1983), pp. 257–273.
National Bureau of Standards,Data Encryption Standard, Federal Information Processing Standards Publications, No. 46, U.S. Department of Commerce, 15 Jan. 1977.
K. Nishimura and M. Sibuya, Occupancy with two types of balls,Ann. Inst. Statist. Math., Vol. 44(1) (Mar. 1988), pp. 77–91.
M. O. Rabin, Digitalized signatures, inFoundations of Secure Computation, ed. R. A. DeMilloet al., Academic Press, New York, 1978, pp. 155–166.
R. S. Winternitz, Producing a one-way hash function from DES, inAdvances in Cryptology—Proceedings of Crypto '83, ed. D. Chaum, Plenum, New York, 1984, pp. 203–207.
G. Yuval, How to swindle Rabin,Cryptologia, Vol. 3(3) (July 1979), pp. 187–189.
Author information
Authors and Affiliations
Rights and permissions
About this article
Cite this article
Nishimura, K., Sibuya, M. Probability to meet in the middle. J. Cryptology 2, 13–22 (1990). https://doi.org/10.1007/BF02252867
Received:
Revised:
Issue Date:
DOI: https://doi.org/10.1007/BF02252867