Slide Attacks with a Known-Plaintext Cryptanalysis
Although many strong cryptanalytic tools exploit weaknesses in the data-randomizing part of a block cipher, relatively few general tools are known for cryptanalyzing the other part, the key scheduling part. A slide attack is one instance of an attack that exploits a key schedule weakness. In this paper, we show that currently proposed slide attacks can still be enhanced so that all currently published known-plaintext analytic techniques can be applied to a smaller part of a cipher with a weak key scheduling part. As an example, we demonstrate the application of a slide attack to linear cryptanalysis in the case of a DES variant. In addition, we show that our enhancement makes it possible to declassify the unknown primitive used in a block cipher. We test a block cipher, GOST, and show how to declassify the hidden 4-bit substitution tables.
Keywords: Block Cipher, Round Function, Data Encryption Standard, Linear Cryptanalysis, Fast Software Encryption