Advertisement

Truncated Differentials and Skipjack

  • Lars R. Knudsen
  • M. J. B. Robshaw
  • David Wagner
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1666)

Abstract

We consider a range of attacks on reduced-round variants of the block cipher Skipjack. In particular we concentrate on the role of truncated differentials and consider what insight they give us into the design and long-term security of Skipjack. An attack on the full 32 rounds of Skipjack remains elusive. However we give attacks on the first 16 rounds of Skipjack that can efficiently recover the key with about 217 chosen plaintexts and an attack on the middle sixteen rounds of Skipjack which recovers the secret key using only two chosen plaintexts. Several high-probability truncated differentials are presented the existence of which might best be described as surprising. Most notably, we show that the techniques used by Biham et al. can be presented in terms of truncated differentials and that there exists a 24-round truncated differential that holds with probability one.

Keywords

Fast Software Encryption Boomerang Attack Erential Attack Plaintext Pair Fourth Word 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    E. Biham, A. Biryukov, O. Dunkelmann, E. Richardson, A. Shamir. Initial Observations on the Skipjack Encryption Algorithm. June 25, 1998. Available at http://www.cs.technion.ac.il/~biham/Reports/SkipJack/.
  2. 2.
    E. Biham, A. Biryukov, O. Dunkelmann, E. Richardson, and A. Shamir. Cryptanalysis of Skipjack-3XOR in 220 time and using 29 chosen plaintexts. July 2, 1998. Available at http://www.cs.technion.ac.il/~biham/Reports/SkipJack/.
  3. 3.
    E. Biham, A. Biryukov, O. Dunkelmann, E. Richardson, and A. Shamir. Cryptanalysis of Skipjack-4XOR. June 30, 1998. Available at http://www.cs.technion.ac.il/~biham/Reports/SkipJack/.
  4. 4.
    E. Biham, A. Biryukov, and A. Shamir. Initial Observations on Skipjack: Cryptanalysis of Skipjack-3XOR. SAC’98. Available at http://www.cs.technion.ac.il/~biham/Reports/SkipJack/.
  5. 5.
    E. Biham, A. Biryukov, and A. Shamir. Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials. In J. Stern, editor, Advances in Cryptology-Eurocrypt’ 99, volume 1592 of Lecture Notes in Computer Science, pages 12–23, 1999. Springer Verlag. Also available at http://www.cs.technion.ac.il/~biham/Reports/SkipJack.Google Scholar
  6. 6.
    E. Biham and A. Shamir. Differential Cryptanalysis of the Data Encryption Standard. Springer-Verlag, New York, 1993.zbMATHGoogle Scholar
  7. 7.
    L.R. Knudsen. Applications of higher order differentials and partial differentials. In B. Preneel, editor, Fast Software Encryption, volume 1008 of Lecture Notes in Computer Science, pages 196–211, 1995. Springer Verlag.Google Scholar
  8. 8.
    L.R. Knudsen, V. Rijmen, R.L. Rivest, and M.J.B. Robshaw. On the design and security of RC2. In S. Vaudenay, editor, Fast Software Encryption, volume 1372 of Lecture Notes in Computer Science, pages 206–219, 1998. Springer Verlag.CrossRefGoogle Scholar
  9. 9.
    E.F. Brickell, D.E. Denning, S.T. Kent, D.P. Maher, and W. Tuchman. Skipjack Review Interim Report. July 28, 1993.Google Scholar
  10. 10.
    M. Matsui. Linear cryptanalysis method for DES cipher. In T. Helleseth, editor, Advances in Cryptology-Eurocrypt’ 93, volume 765 of Lecture Notes in Computer Science, pages 386–397, 1993. Springer Verlag.Google Scholar
  11. 11.
    B. Schneier and D. Banisar. The Electronic Privacy Papers. John Wiley & Sons, 1997.Google Scholar
  12. 12.
    W. Diffe and S. Landau. Privacy on the Line. MIT Press, 1998.Google Scholar
  13. 13.
    National Institute of Standards and Technology (NIST). FIPS Publication 186: Digital Signature Standard (DSS). May 1994.Google Scholar
  14. 14.
    National Institute of Standards and Technology (NIST). FIPS Publication 180-1: Secure Hash Standard (SHS). May 1994.Google Scholar
  15. 15.
    National Security Agency. Skipjack and KEA algorithm specifications. May 1998. Available at http://csrc.ncsl.nist.gov/encryption/skipjack-1.pdf.
  16. 16.
    National Security Agency. NSA Releases Fortezza Algorithms, Press Release, June 24, 1998. Available at http://csrc.ncsl.nist.gov/encryption/nsa-press.pdf.
  17. 17.
    D. Wagner. The boomerang attack. In L. Knudsen, editor, Fast Software Encryption, volume 1636 of Lecture Notes in Computer Science, pages 156–170, 1999. Springer Verlag.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Lars R. Knudsen
    • 1
  • M. J. B. Robshaw
    • 2
  • David Wagner
    • 3
  1. 1.Department of InformaticsUniversity of BergenBergenNorway
  2. 2.RSA LaboratoriesSan MateoUSA
  3. 3.University of California BerkeleyBerkeleyUSA

Personalised recommendations