
Differential cryptanalysis

About: Differential cryptanalysis is a research topic. Over its lifetime, 2131 publications have been published on this topic, receiving 54681 citations.


Papers
Proceedings Article
05 Jul 2010
TL;DR: The current state of side channel cryptanalysis is discussed, the different categories of side channel attacks are analyzed, and how concrete attacks against FPGA devices lead to the disclosure of secret information is examined.
Abstract: Block cipher designers assume that secret information will be manipulated in closed and reliable computing environments. Unfortunately, this isn’t feasible because actual computing units and chips have implementation information leakage during their operation. Side channel cryptanalysis exploits this implementation data in order to extract the cipher’s secret information. In this paper, we discuss the current state of the art of side channel cryptanalysis. We also analyze the different categories of side channel attacks and examine how concrete attacks against FPGA devices lead to the disclosure of secret information.

17 citations

Journal Article
TL;DR: A new block cipher is proposed that is almost as fast as DES on a wide range of platforms, yet conjectured to be at least as secure as three-key triple-DES.
Abstract: We propose a new block cipher as a candidate for the Advanced Encryption Standard. Its design is highly conservative, yet still allows a very efficient implementation. It uses the well-understood DES S-boxes in a new structure that simultaneously allows a more rapid avalanche, a more efficient bitslice implementation, and an easy analysis that enables us to demonstrate its security against all known types of attack. With a 128-bit block size and a 256-bit key, it is almost as fast as DES on a wide range of platforms, yet conjectured to be at least as secure as three-key triple-DES.

17 citations

Proceedings Article
25 Apr 2009
TL;DR: The key and IV setup algorithms of both the HC-256 and HC-128 ciphers are cryptanalyzed, and an enhanced algorithm based on subkey addition, as in block ciphers, is proposed to improve the security of stream ciphers.
Abstract: The key and IV setup algorithms of both the HC-256 and HC-128 ciphers are cryptanalyzed in this paper. Both ciphers are software-efficient stream ciphers, proposed as candidates for the ECRYPT Stream Cipher Project and selected into the final portfolio. The key schedule is one of the most important parts of designing a secure cipher. A weak key initialization process is a potentially fatal weakness of a cipher. The analysis results show that the master keys K of HC-256 and HC-128 can be recovered easily from the states P and Q. Therefore, the key and IV setup algorithms are not perfect enough. Finally, an enhanced algorithm based on subkey addition, as in block ciphers, is proposed to improve the security of stream ciphers.

17 citations

Book Chapter
13 Jul 2009
TL;DR: A parallel, time-constant implementation of eight instances of IDEA able to encrypt in counter mode at a speed of 5.42 cycles/byte on an Intel Core2 processor, and the design of a new block cipher, named WIDEA, leveraging on IDEA's outstanding security-performance ratio is proposed.
Abstract: For almost two decades, the block cipher IDEA has resisted an exceptional number of cryptanalysis attempts. At the time of writing, the best published attack works against 6 out of the 8.5 rounds (in the non-related-key attack model), employs almost the whole codebook, and improves the complexity of an exhaustive key search by a factor of only two. In parallel, Lipmaa demonstrated that IDEA can benefit from SIMD (Single Instruction, Multiple Data) instructions on high-end CPUs, resulting in very fast implementations. The aim of this paper is two-fold: first, we describe a parallel, time-constant implementation of eight instances of IDEA able to encrypt in counter mode at a speed of 5.42 cycles/byte on an Intel Core2 processor. This is comparable to the fastest stream ciphers and notably faster than the best known implementations of most block ciphers on the same processor. Second, we propose the design of a new block cipher, named WIDEA, leveraging IDEA's outstanding security-performance ratio. We furthermore propose a new key-schedule algorithm to replace IDEA's completely linear one, and we show that it is possible to build a compression function able to process data at a speed of 5.98 cycles/byte. A significant property of WIDEA is that it closely follows the security rationales defined by Lai and Massey in 1990, hence inheriting all the cryptanalysis done over the past 15 years in a very natural way.

17 citations

Book Chapter
28 May 2014
TL;DR: E2 is a block cipher designed by NTT and was a first-round AES candidate, and it has been shown how to improve upon the impossible differential cryptanalysis of Camellia with the zero-correlation linear cryptanalysis.
Abstract: E2 is a block cipher designed by NTT and was a first-round AES candidate. E2’s design principles influenced several more recent block ciphers including Camellia, an ISO/IEC standard cipher. So far the cryptanalytic results for round-reduced E2 have been concentrating around truncated and impossible differentials. At the same time, rather recently at SAC’13, it has been shown how to improve upon the impossible differential cryptanalysis of Camellia with the zero-correlation linear cryptanalysis. Due to some similarities between E2 and Camellia, E2 might also render itself more susceptible to this type of cryptanalysis.

17 citations


Network Information
Related Topics (5)
Cryptography: 37.3K papers, 854.5K citations (93% related)
Encryption: 98.3K papers, 1.4M citations (90% related)
Public-key cryptography: 27.2K papers, 547.7K citations (89% related)
Hash function: 31.5K papers, 538.5K citations (88% related)
Key (cryptography): 60.1K papers, 659.3K citations (85% related)
Performance
Metrics
No. of papers in the topic in previous years
Year    Papers
2023    37
2022    71
2021    33
2020    53
2019    42
2018    50