Differential-linear weak key classes of IDEA

  • Philip Hawkes
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1403)

Abstract

Large weak key classes of IDEA are found for which membership is tested with a differential-linear test while encrypting with a single key. In particular, one in every 2^65 keys for 8.5-round IDEA is weak. A related-key differential-linear attack on 4-round IDEA is presented which is successful for all keys. Large weak key classes are found for 4.5- to 6.5-round and 8-round IDEA for which membership of these classes is tested using similar related-key differential-linear tests.

Key words

IDEA; differential-linear cryptanalysis; related-key cryptanalysis; weak keys

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Philip Hawkes, Department of Mathematics, University of Queensland, Brisbane, Australia
