Differential cryptanalysis
About: Differential cryptanalysis is a research topic. Over its lifetime, 2131 publications have been published within this topic, receiving 54681 citations.
Papers
01 Jan 2008
TL;DR: A new and severe cryptanalytic attack on the F-FCSR stream cipher family, which requires a few Mbytes of received sequence and the complexity is low enough to allow the attack to be performed on a single PC within seconds.
Abstract: The F-FCSR stream cipher family has been presented a few years ago. Apart from some flaws in the initial propositions, corrected in a later stage, there are no known weaknesses of the core of these algorithms. The hardware oriented version, called FCSR-H, is one of the ciphers selected for the eSTREAM portfolio. In this paper we present a new and severe cryptanalytic attack on the F-FCSR stream cipher family. We give the details of the attack when applied on F-FCSR-H. The attack requires a few Mbytes of received sequence and the complexity is low enough to allow the attack to be performed on a single PC within seconds.
47 citations
TL;DR: A nested-based heuristic technique is used to find a differential path which is inspired by the nested Monte Carlo search (NMCS) algorithm, which was successfully applied before for different games: Morpion Solitaire, SameGame, and Sudoku, but the use of such heuristic techniques in cryptography is entirely new and time-saving.
Abstract: In this paper, we focus on differential cryptanalysis of a lightweight ARX cipher. These ciphers use three simple arithmetic operations, namely, modular addition, bitwise rotation, and exclusive-OR, and therefore, are designed very well to perform over the Internet-of-Things (IoT) devices. We choose a very well-known ARX cipher designed by the National Security Agency (NSA) of the United States of America in June 2013, named SPECK. SPECK was subjected to several years of detailed cryptanalytic analysis within NSA and has been subjected to academic analysis by researchers worldwide. SPECK is specially optimized for low-cost processors like those used in the IoT devices. We first find the differential paths for all the variants of SPECK, and based on that differential path, we attack the round-reduced variant of the cipher. Finding differential paths in ARX is one of the most difficult and time-consuming problems due to the huge state space. We use a nested-based heuristic technique to find a differential path which is inspired by the nested Monte Carlo search (NMCS) algorithm. NMCS was successfully applied before for different games: Morpion Solitaire, SameGame, and $16\times 16$ Sudoku, but the use of such heuristic techniques in cryptography is entirely new and time-saving.
47 citations
10 Feb 2008
TL;DR: This paper shows that the previous perturbation vectors used in all known attacks are not optimal and provides a new 2-block one and is able to produce the best collision attack against SHA-0 so far, with a measured complexity of 2^{33,6} hash function calls.
Abstract: At Crypto 2007, Joux and Peyrin showed that the boomerang attack, a classical tool in block cipher cryptanalysis, can also be very useful when analyzing hash functions. They applied their new theoretical results to SHA and provided new improvements for the cryptanalysis of this algorithm. In this paper, we concentrate on the case of SHA-0. First, we show that the previous perturbation vectors used in all known attacks are not optimal and we provide a new 2-block one. The problem of the possible existence of message modifications for this vector is tackled by the utilization of auxiliary differentials from the boomerang attack, relatively simple to use. Finally, we are able to produce the best collision attack against SHA-0 so far, with a measured complexity of 2^{33,6} hash function calls. Finding one collision for SHA-0 takes us approximately one hour of computation on an average PC.
46 citations
TL;DR: A widely applicable matrix method to find impossible differentials of block cipher structures whose round functions are bijective is introduced and it is expected that the matrix method developed will be useful for evaluating the security of block ciphers against impossible differential cryptanalysis.
46 citations
15 Aug 2018
TL;DR: In this paper, Lai et al. comprehended that differential cryptanalysis rather uses differentials instead of single characteristics, and they proposed a block cipher with differentials to resist DCA.
Abstract: Resistance against differential cryptanalysis is an important design criterion for any modern block cipher, and most designs rely on finding some upper bound on the probability of single differential characteristics. However, already at EUROCRYPT'91, Lai et al. comprehended that differential cryptanalysis rather uses differentials instead of single characteristics.
46 citations