Truncated and higher order differentials

  • Lars R. Knudsen
Session 4: Block Ciphers-Differential Cryptanalysis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1008)


In [6] higher order derivatives of discrete functions were considered and the concept of higher order differentials was introduced. We introduce the concept of truncated differentials and present attacks on ciphers presumably secure against differential attacks, but vulnerable to attacks using higher order and truncated differentials. Also we give a differential attack using truncated differentials on DES reduced to 6 rounds using only 46 chosen plaintexts with an expected running time of about the time of 3,500 encryptions. Finally it is shown how to find a minimum nonlinear order of a block cipher using higher order differentials.


  1. 1.
    E. Biham and A. Shamir. Differential cryptanalysis of DES-like cryptosystems. Journal of Cryptology, 4(1):3–72, 1991.Google Scholar
  2. 2.
    E. Biham and A. Shamir. Differential Cryptanalysis of the Data Encryption Standard. Springer Verlag, 1993.Google Scholar
  3. 3.
    M.E. Hellman, R. Merkle, R. Schroeppel, L. Washington, W. Diffie, S. Pohlig, and P. Schweitzer. Results of an initial attempt to cryptanalyze the NBS Data Encryption Standard. Technical report, Stanford University, U.S.A., September 1976.Google Scholar
  4. 4.
    M. E. Hellman and S. K. Langford. Differential-linear cryptanalysis. In Y. G. Desmedt, editor, Advances in Cryptology — Proc. Crypto'94, LNCS 839, pages 26–39. Springer Verlag, 1994.Google Scholar
  5. 5.
    L.R. Knudsen. Block Ciphers — Analysis, Design and Applications. PhD thesis, Aarhus University, Denmark, 1994, DAIMI PB — 485.Google Scholar
  6. 6.
    X. Lai. Higher order derivatives and differential cryptanalysis. In Proc. ”Symposium on Communication, Coding and Cryptography”, in honor of James L. Massey on the occasion of his 60'th birthday, Feb. 10–13, 1994, Monte-Verita, Ascona, Switzerland, 1994. To appear.Google Scholar
  7. 7.
    K. Nyberg. Differentially uniform mappings for cryptography. In T. Helleseth, editor, Advances in Cryptology — Proc. Eurocrypt'93, LNCS 765, pages 55–64. Springer Verlag, 1993.Google Scholar
  8. 8.
    K. Nyberg and L.R. Knudsen. Provable security against differential cryptanalysis. In E.F. Brickell, editor, Advances in Cryptology — Proc. Crypto'92, LNCS 740, pages 566–574. Springer Verlag, 1993.Google Scholar
  9. 9.
    National Bureau of Standards. Data encryption standard. Federal Information Processing Standard (FIPS), Publication 46, National Bureau of Standards, U.S. Department of Commerce, Washington D.C., January 1977.Google Scholar
  10. 10.
    B. Preneel, M. Nuttin, Y. Rijmen, and J. Buelens. Differential cryptanalysis of the CFB mode. In D.R. Stinson, editor, Advances in Cryptology — Proc. Crypto'93, LNCS 773, pages 212–223. Springer Verlag, 1993.Google Scholar
  11. 11.
    I. Schaumüller-Bichl. The method of formal coding. In Cryptography — Proc., Burg Feuerstein, 1992, LNCS 149, pages 235–255. Springer Verlag, 1982.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1995

Authors and Affiliations

  • Lars R. Knudsen
    • 1
  1. 1.Aarhus UniversityDenmark

Personalised recommendations