
Differential cryptanalysis

About: Differential cryptanalysis is a research topic. Over the lifetime, 2131 publications have been published within this topic receiving 54681 citations.


Papers
Proceedings Article
01 Jan 2008
TL;DR: A new and severe cryptanalytic attack on the F-FCSR stream cipher family, which requires a few Mbytes of received sequence and the complexity is low enough to allow the attack to be performed on a single PC within seconds.
Abstract: The F-FCSR stream cipher family was presented a few years ago. Apart from some flaws in the initial propositions, corrected in a later stage, there are no known weaknesses of the core of these algorithms. The hardware oriented version, called FCSR-H, is one of the ciphers selected for the eSTREAM portfolio. In this paper we present a new and severe cryptanalytic attack on the F-FCSR stream cipher family. We give the details of the attack when applied on F-FCSR-H. The attack requires a few Mbytes of received sequence and the complexity is low enough to allow the attack to be performed on a single PC within seconds.

47 citations

Journal ArticleDOI
TL;DR: A nested-based heuristic technique is used to find a differential path which is inspired by the nested Monte Carlo search (NMCS) algorithm, which was successfully applied before for different games: Morpion Solitaire, SameGame, and Sudoku, but the use of such heuristic techniques in cryptography is entirely new and time-saving.
Abstract: In this paper, we focus on differential cryptanalysis of a lightweight ARX cipher. These ciphers use three simple arithmetic operations, namely, modular addition, bitwise rotation, and exclusive-OR, and therefore, are designed very well to perform over the Internet-of-Things (IoT) devices. We choose a very well-known ARX cipher designed by the National Security Agency (NSA) of the United States of America in June 2013, named SPECK. SPECK was subjected to several years of detailed cryptanalytic analysis within NSA and has been subjected to academic analysis by researchers worldwide. SPECK is specially optimized for low-cost processors like those used in the IoT devices. We first find the differential paths for all the variants of SPECK, and based on that differential path, we attack the round-reduced variant of the cipher. Finding differential paths in ARX is one of the most difficult and time-consuming problems due to the huge state space. We use a nested-based heuristic technique to find a differential path which is inspired by the nested Monte Carlo search (NMCS) algorithm. NMCS was successfully applied before for different games: Morpion Solitaire, SameGame, and $16\times 16$ Sudoku, but the use of such heuristic techniques in cryptography is entirely new and time-saving.

47 citations

Book ChapterDOI
10 Feb 2008
TL;DR: This paper shows that the previous perturbation vectors used in all known attacks are not optimal and provides a new 2-block one and is able to produce the best collision attack against SHA-0 so far, with a measured complexity of $2^{33.6}$ hash function calls.
Abstract: At Crypto 2007, Joux and Peyrin showed that the boomerang attack, a classical tool in block cipher cryptanalysis, can also be very useful when analyzing hash functions. They applied their new theoretical results to SHA and provided new improvements for the cryptanalysis of this algorithm. In this paper, we concentrate on the case of SHA-0. First, we show that the previous perturbation vectors used in all known attacks are not optimal and we provide a new 2-block one. The problem of the possible existence of message modifications for this vector is tackled by the utilization of auxiliary differentials from the boomerang attack, relatively simple to use. Finally, we are able to produce the best collision attack against SHA-0 so far, with a measured complexity of $2^{33.6}$ hash function calls. Finding one collision for SHA-0 takes us approximately one hour of computation on an average PC.

46 citations

Journal ArticleDOI
TL;DR: A widely applicable matrix method to find impossible differentials of block cipher structures whose round functions are bijective is introduced and it is expected that the matrix method developed will be useful for evaluating the security of block ciphers against impossible differential cryptanalysis.

46 citations

Book ChapterDOI
15 Aug 2018
TL;DR: In this paper, Lai et al. comprehended that differential cryptanalysis rather uses differentials instead of single characteristics, and they proposed a block cipher with differentials to resist DCA.
Abstract: Resistance against differential cryptanalysis is an important design criterion for any modern block cipher and most designs rely on finding some upper bound on the probability of single differential characteristics. However, already at EUROCRYPT'91, Lai et al. comprehended that differential cryptanalysis rather uses differentials instead of single characteristics.

46 citations


Network Information
Related Topics (5)
Cryptography: 37.3K papers, 854.5K citations, 93% related
Encryption: 98.3K papers, 1.4M citations, 90% related
Public-key cryptography: 27.2K papers, 547.7K citations, 89% related
Hash function: 31.5K papers, 538.5K citations, 88% related
Key (cryptography): 60.1K papers, 659.3K citations, 85% related
Metrics
No. of papers in the topic in previous years
Year    Papers
2023    37
2022    71
2021    33
2020    53
2019    42
2018    50