From differential cryptanalysis to ciphertext-only attacks

  • Alex Biryukov
  • Eyal Kushilevitz
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1462)

Abstract

We present a method for efficient conversion of differential (chosen plaintext) attacks into the more practical known plaintext and ciphertext-only attacks. Our observation may save up to a factor of 2^20 in data over the known methods, assuming that plaintext is ASCII encoded English (or some other types of highly redundant data). We demonstrate the effectiveness of our method by practical attacks on the block-cipher Madryga and on round-reduced versions of RC5 and DES.

Keywords

block-ciphers, Madryga, RC5, DES, ciphertext-only attack, differential cryptanalysis, differential-linear attack

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Alex Biryukov (1)
  • Eyal Kushilevitz (2)
  1. Applied Mathematics Department, Technion - Israel Institute of Technology, Haifa, Israel
  2. Computer Science Department, Technion - Israel Institute of Technology, Haifa, Israel
