Topic
Differential cryptanalysis
About: Differential cryptanalysis is a research topic. Over the lifetime, 2131 publications have been published within this topic receiving 54681 citations.
Papers published on a yearly basis
Papers
More filters
TL;DR: Improvements in existing Constraint Programming (CP) approaches for computing optimal related-key differential characteristics are improved: new constraints that detect inconsistencies sooner, and a new decomposition of the problem in two steps are introduced.
15 citations
24 Feb 2003
TL;DR: A slightly modified version of the IDEA-X cipher, called IDEA X/2, was presented in this article, and an attack on this cipher was presented at FSE 2002.
Abstract: IDEA is a 64-bit block cipher with a 128-bit key designed by J. Massey and X. Lai. At FSE 2002 a slightly modified version called IDEA-X was attacked using multiplicative differentials. In this paper we present a less modified version of IDEA we call IDEA-X/2, and an attack on this cipher. This attack also works on IDEA-X, and improves on the attack presented at FSE 2002.
15 citations
24 Jun 1988
TL;DR: It is shown that the algorithm (when expressed as a logic function) should be correlation- immune, permutation-immune, and nonlinear in its arguments and its resistance to cryptanalysis is evaluated.
Abstract: Necessary conditions are determined for a self-synchronizing steam cipher algorithm to be secure. The stream cipher encryption hardware considered consists of a keystream generator, an exclusive-OR gate to combine the keystream and the binary coded message stream, and circuits to establish initial cryptographic synchronization. The security of the system is based on the use of secret cryptographic keys which must be transmitted to the receiver in advance over a secure route. It is shown that the algorithm (when expressed as a logic function) should be correlation-immune, permutation-immune, and nonlinear in its arguments. An example of a 125-stage 7th-order correlation-immune function is given, and its resistance to cryptanalysis is evaluated. >
15 citations
28 Nov 2012
TL;DR: This extended abstract briefly summarizes a talk with the same title and gives literature pointers and coin the term bruteforce-like cryptanalysis, which is coined in this paper.
Abstract: This extended abstract briefly summarizes a talk with the same title and gives literature pointers. In particular, we coin the term bruteforce-like cryptanalysis.
15 citations
23 Nov 2011
TL;DR: This paper shows that GOST is not secure even against (advanced forms of) differential cryptanalysis (DC), and shows a first advanced differential attack faster than brute force on full 32-round GOST.
Abstract: GOST 28147-89 is a well-known block cipher and the official encryption standard of the Russian Federation. A 256-bit block cipher considered as an alternative for AES-256 and triple DES, having an amazingly low implementation cost and thus increasingly popular and used [12,15,13,20]. Until 2010 researchers have written that: "despite considerable cryptanalytic efforts spent in the past 20 years, GOST is still not broken", see [15] and in 2010 it was submitted to ISO 18033 to become a worldwide industrial encryption standard. In 2011 it was suddenly discovered that GOST is insecure on more than one account. There is a variety of recent attacks on GOST [3,7]. We have reflection attacks [14,7], attacks with double reflection [7], and various attacks which do not use reflections [7,3]. The final key recovery step in these attacks is in most cases a software algebraic attack [7,3] and sometimes a Meet-In-The-Middle attack [14,7].
In this paper we show that GOST is NOT SECURE even against (advanced forms of) differential cryptanalysis (DC). Previously Russian researchers postulated that GOST will be secure against DC for as few as 7 rounds out of 32 [9,19] and Japanese researchers were already able to break about 13 rounds [18]. In this paper we show a first advanced differential attack faster than brute force on full 32-round GOST.
15 citations