Scrutinizing and Improving Impossible Differential Attacks: Applications to CLEFIA, Camellia, LBlock and Simon
Christina Boura, María Naya-Plasencia, Valentin Suder
- Vol. 8873, pp 179-199
TL;DR: In this paper, a generic complexity analysis formula for mounting such attacks and new ideas for optimizing impossible differential cryptanalysis are presented, such as testing of parts of the internal state for reducing the number of involved key bits.
Abstract:
Impossible differential cryptanalysis has been shown to be a very powerful form of cryptanalysis against block ciphers. These attacks, even if extensively used, remain not fully understood because of their high technicality. Indeed, numerous are the applications where mistakes have been discovered or where the attacks lack optimality. This paper aims in a first step at formalizing and improving this type of attacks and in a second step at applying our work to block ciphers based on the Feistel construction. In this context, we derive generic complexity analysis formulas for mounting such attacks and develop new ideas for optimizing impossible differential cryptanalysis. These ideas include for example the testing of parts of the internal state for reducing the number of involved key bits. We also develop in a more general way the concept of using multiple differential paths, an idea introduced before in a more restrained context. These advances lead to the improvement of previous attacks against well known ciphers such as CLEFIA-128 and Camellia, while also to new attacks against 23-round LBlock and all members of the Simon family.
Citations
Book Chapter
The Simeck Family of Lightweight Block Ciphers
TL;DR: Simeck as discussed by the authors combines the good design components from both Simon and Speck, in order to devise even more compact and efficient block ciphers, which can satisfy the area, power, and throughput requirements in passive RFID tags.
Book
Topics in Cryptology - CT-RSA 2008 : the Cryptographers' Track at the RSA Conference 2008 San Francisco, CA, USA, April 8-11, 2008 : proceedings
TL;DR: This work focuses on improving the efficiency of Impossible Differential Cryptanalysis of Reduced Camellia and MISTY1 and on small Secret Key Attack on a Variant of RSA (Due to Takagi).
Book Chapter
Bit-Based Division Property and Application to Simon Family
Yosuke Todo, Masakatu Morii
TL;DR: A bit-based division property is introduced and applied to the Simon family and it is shown that Simon48, 64, 96, and 128 probably do not have 17-, 20-, 25-, and 29-round integral characteristics, respectively.
Posted Content
Triathlon of Lightweight Block Ciphers for the Internet of Things.
TL;DR: In this article, the authors introduce an open framework for the benchmarking of lightweight block ciphers on a multitude of embedded platforms, allowing a user to define a custom "figure of merit" according to which all evaluated candidates can be ranked.
Journal Article
Triathlon of Lightweight Block Ciphers for the Internet of Things
TL;DR: In this paper, the authors introduce a framework for the benchmarking of lightweight block ciphers on a multitude of embedded platforms, including 8-bit AVR, 16-bit MSP430, and 32-bit ARM.
References
Journal Article
Differential cryptanalysis of DES-like cryptosystems
Eli Biham, Adi Shamir
TL;DR: A new type of cryptanalytic attack is developed which can break the reduced variant of DES with eight rounds in a few minutes on a personal computer and can break any reduced variant of DES (with up to 15 rounds) using less than $2^{56}$ operations and chosen plaintexts.
Book
Fast Software Encryption
TL;DR: Simplified variants that omit a quadratic function and a fixed rotation in RC6 are examined to clarify their essential contribution to the overall security of RC6.
Book Chapter
Polynomial reconstruction based cryptography
Aggelos Kiayias, Moti Yung
TL;DR: A short overview of recent works on the problem of Decoding Reed Solomon Codes (aka Polynomial Reconstruction) and the novel applications that were enabled due to this development.
Book
Advances in Cryptology — EUROCRYPT ’99
TL;DR: This work shows that if the private exponent d used in the RSA public-key cryptosystem is less than N then the system is insecure.