
Differential cryptanalysis

About: Differential cryptanalysis is a research topic. Over the lifetime, 2131 publications have been published within this topic receiving 54681 citations.


Papers
Journal ArticleDOI
TL;DR: A large block cipher is developed by modifying the Hill cipher by introducing interlacing of the binary bits of the plaintext as the primary concept leading to confusion and is strengthened by using iteration.
Abstract: In this research, we have developed a large block cipher by modifying the Hill cipher. In this, we have introduced interlacing of the binary bits of the plaintext as the primary concept leading to confusion. This process is strengthened by using iteration. The cryptanalysis and avalanche effect mentioned in this research clearly exhibit the strength of the cipher.

12 citations

04 Jan 2006
TL;DR: This paper derives the statistical distributions of difference propagation probabilities and input-output correlations for random functions and block ciphers, for most of them for the first time, and shows that these parameters have distributions that are well-studied in the field of statistics such as the normal, Poisson, Gamma and extreme value distributions.
Abstract: In this paper, we derive the statistical distributions of difference propagation probabilities and input-output correlations for random functions and block ciphers, for most of them for the first time. We show that these parameters have distributions that are well-studied in the field of statistics such as the normal, Poisson, Gamma and extreme value distributions. For Markov ciphers there exists a solid theory that expresses bounds on the complexity of differential and linear cryptanalysis in terms of average difference propagation probabilities and average correlations, where the average is taken over the keys. The propagation probabilities and correlations exploited in differential and linear cryptanalysis actually depend on the key and hence so does the attack complexity. Markov theory does not make statements on the distributions of these fixed-key properties but rather makes the assumption that their values will be close to the average for the vast majority of keys. This assumption is made explicit in the form of the hypothesis of stochastic equivalence. In this paper, we study the distributions of propagation properties that are relevant in the resistance of key-alternating ciphers against differential and linear cryptanalysis. Key-alternating ciphers are basically iterative ciphers where round keys are applied by an XOR operation in between unkeyed rounds and are a sub-class of Markov ciphers. We give the distributions of fixed-key difference propagation probability and fixed-key correlation of iterative ciphers. We show that for key-alternating ciphers, the hypothesis of stochastic equivalence can be discarded. In its place comes the explicit formulation of the distribution of fixed-key differential probability (DP) of a differential in terms of its expected differential probability (EDP) and the distribution of the fixed-key linear probability (or rather potential) (LP) of a linear approximation (or hull) in terms of its expected linear probability (ELP). Here the ELP and EDP are defined by disregarding the key schedule of the block cipher and taking the average over independently selected round keys, instead of over all cipher keys. Proving these distributions requires no assumptions standardly made in Markov cipher theory as perfectly uniform behavior, independently acting rounds or the technique of averaging over keys. For key-alternating ciphers, we show that if the EDP is equal to 2^(−n) with n the block length, the fixed-key DP has the same distribution as in a random n-bit cipher. The same holds for the ELP and the corresponding fixed-key LP. Finally we present a statistical technique for computing bounds on the EDP based on the distribution of probabilities of differential characteristics and of the ELP based on the distribution of LP of linear characteristics.

12 citations

Book ChapterDOI
14 Dec 2009
TL;DR: In this paper, an n-cell GF-NLFSR was shown to have an (n^2 + n − 2)-round impossible differential, and the data complexity of the attack is 2^111.5 and the time complexity is less than 2^123.
Abstract: The overall structure is one of the most important properties of block ciphers. At present, the most common structures include Feistel structure, SP structure, MISTY structure, L-M structure and Generalized Feistel structure. In [12], Choy et al. proposed a new structure called GF-NLFSR (Generalized Feistel-NonLinear Feedback Shift Register), and designed a new block cipher called Four-Cell which is based on the 4-cell GF-NLFSR. In this paper, we first study properties of the n-cell GF-NLFSR structure, and prove that for an n-cell GF-NLFSR, there exists an (n^2 + n − 2)-round impossible differential. Then we present an impossible differential attack on the full 25-round Four-Cell using this kind of 18-round impossible differential distinguisher together with differential cryptanalysis technique. The data complexity of our attack is 2^111.5 and the time complexity is less than 2^123.5 encryptions. In addition, we expect the attack to be more efficient when the relations between different round subkeys can be exploited by taking the key schedule algorithm into consideration.

12 citations

Proceedings ArticleDOI
20 Jul 2016
TL;DR: This paper is offering to consider the possibility to use parallel computations based on MPI and NVIDIA CUDA technologies for cryptanalysis of Magma and Kuznyechik, and proposes a fast implementation of Kuznyechik data encryption based on precomputed tables.
Abstract: The new cryptographic standard GOST R 34.12-2015 "Information technology. Cryptographic Data Security. Block ciphers." [7] came into force on January 1st, 2016. The standard contains two encryption algorithms. One of those is a former standard encryption algorithm GOST 29147-89 (also known as simply GOST) with fixed S-boxes. This algorithm is denoted as Magma in the new standard. The second algorithm is a new symmetric block cipher based on SP-network, which is denoted as Kuznyechik (also transliterated as "Kuznechik"). Nowadays, a lot of attention is paid to the issues of quality of the new cipher, namely its cryptographic strength, performance, portability, implementation, etc. In this paper we are offering to consider the possibility to use parallel computations based on MPI and NVIDIA CUDA technologies for cryptanalysis of Magma and Kuznyechik. We choose slide attack for the implementation. The slide attack is applicable to Magma and Kuznyechik ciphers only with significant weakening modifications to their original descriptions. However, research on applicability of parallel implementation of cryptanalysis is important, because the parallel approach can be applied to other more efficient methods of cryptanalysis. The proposed parallel algorithms implemented for two different technologies demonstrate close to linear growth of analysis speed with the increase of involved processor cores. Also we propose a fast implementation of Kuznyechik data encryption based on precomputed tables.

12 citations

Journal ArticleDOI
TL;DR: This paper evaluates the security claims of the designers of the proposed ultra lightweight block cipher QTL and shows that their claims are not valid as QTL is vulnerable to the standard statistical attacks on block ciphers.

12 citations


Network Information
Related Topics (5)
Cryptography: 37.3K papers, 854.5K citations, 93% related
Encryption: 98.3K papers, 1.4M citations, 90% related
Public-key cryptography: 27.2K papers, 547.7K citations, 89% related
Hash function: 31.5K papers, 538.5K citations, 88% related
Key (cryptography): 60.1K papers, 659.3K citations, 85% related
Performance Metrics
No. of papers in the topic in previous years

Year    Papers
2023    37
2022    71
2021    33
2020    53
2019    42
2018    50