Showing papers on "Plaintext-aware encryption published in 1986"
Proceedings Article•
01 Jan 1986
TL;DR: Using a combination of software and special-purpose hardware, the cycling test is applied to the Data Encryption Standard and shows, with a high degree of confidence, that DES is not a group.
Abstract: The Data Encryption Standard (DES) defines an indexed set of permutations acting on the message space M = {0, l}64. If this set of permutations were closed under functional composition, then DES would be vulnerable to a known-plaintext attack that runs in 228 steps, on the average. It is unknown in the open literature whether or not DES has this weakness.We describe two statistical tests for determining if an indexed set of permutations acting on a finite message space forms a group under functional composition. The first test is a "meet-in-the-middle" algorithm which uses O[?K) time and space, where K is the size of the key space. The second test, a novel cycling algorithm, uses the same amount of time but only a small constant amount of space. Each test yields a known-plaintext attack against any finite, deterministic cryptosystem that generates a small group.The cycling test takes a pseudo-random walk in the message space until a cycle is detected. For each step of the pseudo-random walk, the previous ciphertext is encrypted under a key chosen by a pseudo-random function of the previous ciphertext. Results of the test are asymmetrical: long cycles are overwhelming evidence that the set of permutations is not a group; short cycles are strong evidence that the set of permutations has a structure different from that expected from a set of randomly chosen permutations.Using a combination of software and special-purpose hardware, we applied the cycling test to DES. Our experiments show, with a high degree of confidence, that DES is not a group.
40 citations
TL;DR: A chosen-plaintext attack was used to break the encoding; the encryption method could be derived easily from the enciphering of carefully chosen plaintext programs and a pair of MBASIC programs able to decrypt a protected program for any interpreter was developed.
10 citations
TL;DR: A public key cryptosystem is proposed, which is based on the assumption that finding the square root of an element in a large finite ring is computationally infeasible in the absence of a knowledge of the ring structure.
Abstract: A public key cryptosystem is proposed, which is based on the assumption that finding the square root of an element in a large finite ring is computationally infeasible in the absence of a knowledge of the ring structure. The encryption and decryption operations are very fast, and the data expansion is 1:2.