Abstract
This paper describes a linear attack on the Ake98 block cipher, an updated version of the Akelarre cipher presented by Alvarez et al. at the SAC’96 Workshop. The new attacks require the assumption of weak keys. It is demonstrated that Ake98 does not introduce enough security measures to counter cryptanalytic attacks, both in a known-plaintext and in a ciphertext-only setting. A key-recovery attack on 4.5-round Ake98, for instance, is applicable to a weak-key class of size 2108, and requires only 71 known plaintexts, with an effort of 71· 271 half-round decryptions. Moreover, the existence of weak keys precludes the use of Ake98 as a building block for other cryptographic primitives, such as in Davies-Meyer Hash mode. Attacks using weak keys can be applied up to 11.5 rounds of Ake98 with less effort than an exhaustive key search. But, Ake98 with 8.5 rounds is already slower than IDEA, RC6 or AES, which implies that this updated version of the Akelarre cipher does not seem to provide significant advantages (security or efficiency) compared to the former, more established ciphers.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Biham, E.: Performance of Optimized Implementations of the NESSIE Primitives (October 2002), http://cryptonessie.org
Biryukov, A., Nakahara Jr., J., Preneel, B., Vandewalle, J.: New Weak-Key Classes of IDEA. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 315–326. Springer, Heidelberg (2002)
Álvarez Marañón, G.: Contribución al estudio de la estructura interna del conjunto de Mandelbrot y aplicaciones en criptografía, Facultad de Informática, Universidad Politécnica de Madrid, PhD Dissertation (September 2000), http://www.iec.csic.es/~gonzalo
Alvarez, G., de la Guia, D., Montoya, F., Peinado, A.: Akelarre: a new Block Cipher Algorithm. In: 3rd Selected Areas in Cryptography (SAC) Workshop, pp. 1–14 (1996)
Daemen, J., Rijmen, V.: AES Proposal: Rijndael. In: First AES Conference, California, USA (1998), http://www.nist.gov/aes
Ferguson, N., Schneier, B.: Cryptanalysis of Akelarre. In: 4th Selected Areas in Cryptography (SAC) Workshop, pp. 201–212 (1997)
Hawkes, P.M.: Asymptotic Bounds on Differential Probabilities and an Analysis of the Block Cipher IDEA, PhD Dissertation, The University of Queensland, St. Lucia, Australia (December 1998)
Knudsen, L.R., Rijmen, V.: Ciphertext-Only Attack on Akelarre. Cryptologia XXIV(2), 135–147 (2000)
Lai, X.: On the Design and Security of Block Ciphers. In: Massey, J.L. (ed.) ETH Series in Information Processing, vol. 1. Hartung-Gorre Verlag, Konstanz (1995)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)
Rivest, R.L.: The RC5 Encryption Algorithm. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 86–96. Springer, Heidelberg (1995)
Rivest, R.L., Robshaw, M.J.B., Sidney, R., Yin, Y.L.: The RC6 Block Cipher. In: First AES Conference, California, USA (1998), http://csrc.nist.gov/encryption/aes/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Júnior, J.N., de Freitas, D.S. (2004). Cryptanalysis of Ake98. In: Canteaut, A., Viswanathan, K. (eds) Progress in Cryptology - INDOCRYPT 2004. INDOCRYPT 2004. Lecture Notes in Computer Science, vol 3348. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30556-9_17
Download citation
DOI: https://doi.org/10.1007/978-3-540-30556-9_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24130-0
Online ISBN: 978-3-540-30556-9
eBook Packages: Computer ScienceComputer Science (R0)