
Cryptanalysis of the CFB mode of the DES with a reduced number of rounds

  • Bart Preneel
  • Marnix Nuttin
  • Vincent Rijmen
  • Johan Buelens
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 773)

Abstract

Three attacks on the DES with a reduced number of rounds in the Cipher Feedback Mode (CFB) are studied, namely a meet-in-the-middle attack, a differential attack, and a linear attack. These attacks are based on the same principles as the corresponding attacks on the ECB mode. They are compared to the three basic attacks on the CFB mode. In 8-bit CFB and with 8 rounds instead of 16, a differential attack with 2^39.4 chosen ciphertexts can find 3 key bits, and a linear attack with 2^31 known plaintexts can find 7 key bits. This suggests that it is not safe to reduce the number of rounds in order to improve the performance. Moreover, it is shown that the final permutation has some cryptographic significance in the CFB mode.
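As an added illustration (not part of the paper), the following Go program implements the 8-bit CFB mode of FIPS 81 over Go's standard DES and shows the structural feature of the mode behind the chosen-ciphertext setting of the abstract: every ciphertext byte is fed back into the cipher input, so only the encryption direction of DES is ever used, and one altered ciphertext byte disturbs at most that byte and the following eight before decryption resynchronises. The key, IV and plaintext are constructed values.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"fmt"
)

// cfb8 runs a 64-bit block cipher in 8-bit CFB (FIPS 81, s = 8): encrypt the
// shift register, XOR its leftmost byte with one input byte, and shift the
// resulting ciphertext byte into the register. Only Encrypt is used; iv is 8 bytes.
func cfb8(block cipher.Block, iv, in []byte, decrypt bool) []byte {
	reg := append([]byte(nil), iv...)
	ks := make([]byte, block.BlockSize())
	out := make([]byte, len(in))
	for i, b := range in {
		block.Encrypt(ks, reg)
		out[i] = b ^ ks[0]
		reg = append(reg[1:], out[i]) // feedback is always the ciphertext byte
		if decrypt {
			reg[7] = b
		}
	}
	return out
}

// damagedPositions flips one bit of ciphertext byte pos and returns the plaintext
// positions that then decrypt wrongly. In 8-bit CFB this is confined to pos and the
// next 8 bytes: once 8 correct bytes have refilled the register, decryption resyncs.
func damagedPositions(key, iv, pt []byte, pos int) ([]int, error) {
	block, err := des.NewCipher(key) // 8-byte key; parity bits are ignored
	if err != nil {
		return nil, err
	}
	ct := cfb8(block, iv, pt, false)
	ct[pos] ^= 0x01
	got := cfb8(block, iv, ct, true)
	var bad []int
	for i := range pt {
		if got[i] != pt[i] {
			bad = append(bad, i)
		}
	}
	return bad, nil
}

func main() {
	key, iv := []byte("01234567"), []byte("ivivivIV") // constructed, illustration only
	fmt.Println(damagedPositions(key, iv, []byte("Cipher Feedback mode, 8-bit segments"), 5))
}
```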

Keywords

Block Cipher, Differential Attack, Data Encryption Standard, Linear Cryptanalysis, Differential Cryptanalysis

Copyright information

© Springer-Verlag Berlin Heidelberg 1994

Authors and Affiliations

  • Bart Preneel (1)
  • Marnix Nuttin (1)
  • Vincent Rijmen (1)
  • Johan Buelens (1)
  1. Laboratorium ESAT-COSIC, Katholieke Universiteit Leuven, Heverlee, Belgium