Topic
Differential cryptanalysis
About: Differential cryptanalysis is a research topic. Over the lifetime, 2131 publications have been published within this topic receiving 54681 citations.
Papers published on a yearly basis
Papers
More filters
Book•
30 Oct 2011
TL;DR: This book provides a technically detailed, yet readable, account of the state of the art of block cipher analysis, design, and deployment and provides an overview of some of the most important cryptanalytic methods.
Abstract: Block ciphers encrypt blocks of plaintext, messages, into blocks of ciphertext under the action of a secret key, and the process of encryption is reversed by decryption which uses the same user-supplied key. Block ciphers are fundamental to modern cryptography, in fact they are the most widely used cryptographic primitive useful in their own right, and in the construction of other cryptographic mechanisms. In this book the authors provide a technically detailed, yet readable, account of the state of the art of block cipher analysis, design, and deployment. The authors first describe the most prominent block ciphers and give insights into their design. They then consider the role of the cryptanalyst, the adversary, and provide an overview of some of the most important cryptanalytic methods. The book will be of value to graduate and senior undergraduate students of cryptography and to professionals engaged in cryptographic design. An important feature of the presentation is the authors' exhaustive bibliography of the field, each chapter closing with comprehensive supporting notes.
186 citations
23 Aug 1998
TL;DR: A theoretical attack on the compression function SHA-O with complexity 2 61 is obtained, which is thus better than the birthday paradox attack and is a strong evidence that the transition to version 1 indeed raised the level of security of SHA.
Abstract: In this paper we present a method for finding collisions in SHA-0 which is related to differential cryptanalysis of block ciphers. Using this method, we obtain a theoretical attack on the compression function SHA-0 with complexity 261, which is thus better than the birthday paradox attack. In the case of SHA-1, this method is unable to find collisions faster than the birthday paradox. This is a strong evidence that the transition to version 1 indeed raised the level of security of SHA.
185 citations
03 Mar 2014
TL;DR: This paper identifies a family of block ciphers that can systematically take advantage of bitslicing in a principled manner and evaluates both the security and performance of such designs and two of their instances, confirming excellent properties for physically secure applications.
Abstract: Side-channel analysis is an important issue for the security of embedded cryptographic devices, and masking is one of the most investigated solutions to mitigate such attacks. In this context, efficient masking has recently been considered as a possible criteria for new block cipher designs. Previous proposals in this direction were applicable to different types of masking schemes (e.g. Boolean and polynomial). In this paper, we study possible optimizations when specializing the designs to Boolean masking. For this purpose, we first observe that bitslice ciphers have interesting properties for improving both the efficiency and the regularity of masked software implementations. Next we specify a family of block ciphers (denoted as LS-designs) that can systematically take advantage of bitslicing in a principled manner. Eventually, we evaluate both the security and performance of such designs and two of their instances, confirming excellent properties for physically secure applications.
175 citations
TL;DR: In the two attacks, only a pair of (plaintext/ciphertext) was needed to totally break the cryptosystem.
172 citations
TL;DR: It is proved that in all permutationonly image ciphers, regardless of the cipher structure, the correct permutation mapping is recovered completely by a chosenplaintext attack, which significantly outperforms the state-of-theart cryptanalytic methods.
Abstract: Permutation is a commonly used primitive in multimedia (image/video) encryption schemes, and many permutation-only algorithms have been proposed in recent years for the protection of multimedia data. In permutation-only image ciphers, the entries of the image matrix are scrambled using a permutation mapping matrix which is built by a pseudo-random number generator. The literature on the cryptanalysis of image ciphers indicates that the permutation-only image ciphers are insecure against ciphertext-only attacks and/or known/chosen-plaintext attacks. However, the previous studies have not been able to ensure the correct retrieval of the complete plaintext elements. In this paper, we revisited the previous works on cryptanalysis of permutation-only image encryption schemes and made the cryptanalysis work on chosen-plaintext attacks complete and more efficient. We proved that in all permutation-only image ciphers, regardless of the cipher structure, the correct permutation mapping is recovered completely by a chosen-plaintext attack. To the best of our knowledge, for the first time, this paper gives a chosen-plaintext attack that completely determines the correct plaintext elements using a deterministic method. When the plain-images are of size ${M}\times {N}$ and with ${L}$ different color intensities, the number ${n}$ of required chosen plain-images to break the permutation-only image encryption algorithm is ${n}=\lceil \log _{L}$ ( MN ) $\rceil $ . The complexity of the proposed attack is $O$ ( $n\,\cdot \, {M N}$ ) which indicates its feasibility in a polynomial amount of computation time. To validate the performance of the proposed chosen-plaintext attack, numerous experiments were performed on two recently proposed permutation-only image/video ciphers. Both theoretical and experimental results showed that the proposed attack outperforms the state-of-the-art cryptanalytic methods.
169 citations