970 research outputs found
Cryptanalysis of Block Ciphers
The block cipher is one of the most important primitives in
modern cryptography, information and network security; one of
the primary purposes of such ciphers is to provide
confidentiality for data transmitted in insecure communication
environments. To ensure that confidentiality is robustly
provided, it is essential to investigate the security of a
block cipher against a variety of cryptanalytic attacks.
In this thesis, we propose a new extension of differential
cryptanalysis, which we call the impossible boomerang attack.
We describe the early abort technique for (related-key)
impossible differential cryptanalysis and rectangle attacks.
Finally, we analyse the security of a number of block ciphers
that are currently being widely used or have recently been
proposed for use in emerging cryptographic applications; our
main cryptanalytic results are as follows.
An impossible differential attack on 7-round AES when used with
128 or 192 key bits, and an impossible differential attack on
8-round AES when used with 256 key bits. An impossible
boomerang attack on 6-round AES when used with 128 key bits,
and an impossible boomerang attack on 7-round AES when used
with 192 or 256 key bits. A related-key impossible boomerang
attack on 8-round AES when used with 192 key bits, and a
related-key impossible boomerang attack on 9-round AES when
used with 256 key bits, both using two keys.
An impossible differential attack on 11-round reduced Camellia
when used with 128 key bits, an impossible differential attack
on 12-round reduced Camellia when used with 192 key bits, and
an impossible differential attack on 13-round reduced Camellia
when used with 256 key bits.
A related-key rectangle attack on the full Cobra-F64a, and a
related-key differential attack on the full Cobra-F64b.
A related-key rectangle attack on 44-round SHACAL-2.
A related-key rectangle attack on 36-round XTEA.
An impossible differential attack on 25-round reduced HIGHT, a
related-key rectangle attack on 26-round reduced HIGHT, and a
related-key impossible differential attack on 28-round reduced
HIGHT.
In terms of either the attack complexity or the numbers of
attacked rounds, the attacks presented in the thesis are better
than any previously published cryptanalytic results for the
block ciphers concerned, except in the case of AES; for AES,
the presented impossible differential attacks on 7-round AES
used with 128 key bits and 8-round AES used with 256 key bits
are the best currently published results on AES in a single key
attack scenario, and the presented related-key impossible
boomerang attacks on 8-round AES used with 192 key bits and
9-round AES used with 256 key bits are the best currently
published results on AES in a related-key attack scenario
involving two keys
Survey and Benchmark of Block Ciphers for Wireless Sensor Networks
Cryptographic algorithms play an important role in the security architecture of wireless sensor networks (WSNs). Choosing the most storage- and energy-efficient block cipher is essential, due to the facts that these networks are meant to operate without human intervention for a long period of time with little energy supply, and that available storage is scarce on these sensor nodes. However, to our knowledge, no systematic work has been done in this area so far.We construct an evaluation framework in which we first identify the candidates of block ciphers suitable for WSNs, based on existing literature and authoritative recommendations. For evaluating and assessing these candidates, we not only consider the security properties but also the storage- and energy-efficiency of the candidates. Finally, based on the evaluation results, we select the most suitable ciphers for WSNs, namely Skipjack, MISTY1, and Rijndael, depending on the combination of available memory and required security (energy efficiency being implicit). In terms of operation mode, we recommend Output Feedback Mode for pairwise links but Cipher Block Chaining for group communications
KLEIN: A New Family of Lightweight Block Ciphers
Resource-efficient cryptographic primitives become fundamental for realizing both security and efficiency in embedded systems like RFID tags and sensor nodes. Among those primitives, lightweight block cipher plays a major role as a building block for security protocols. In this paper, we describe a new family of lightweight block ciphers named KLEIN, which is designed for resource-constrained devices such as wireless sensors and RFID tags. Compared to the related proposals, KLEIN has advantage in the software performance on legacy sensor platforms, while in the same time its hardware implementation can also be compact
The (related-key) impossible boomerang attack and its application to the AES block cipher
The Advanced Encryption Standard (AES) is a 128-bit block cipher with a user key of 128, 192 or 256 bits, released by NIST in 2001 as the next-generation data encryption standard for use in the USA. It was adopted as an ISO international standard in 2005. Impossible differential cryptanalysis and the boomerang attack are powerful variants of differential cryptanalysis for analysing the security of a block cipher. In this paper, building on the notions of impossible differential cryptanalysis and the boomerang attack, we propose a new cryptanalytic technique, which we call the impossible boomerang attack, and then describe an extension of this attack which applies in a related-key attack scenario. Finally, we apply the impossible boomerang attack to break 6-round AES with 128 key bits and 7-round AES with 192/256 key bits, and using two related keys we apply the related-key impossible boomerang attack to break 8-round AES with 192 key bits and 9-round AES with 256 key bits. In the two-key related-key attack scenario, our results, which were the first to achieve this amount of attacked rounds, match the best currently known results for AES with 192/256 key bits in terms of the numbers of attacked rounds. The (related-key) impossible boomerang attack is a general cryptanalytic technique, and can potentially be used to cryptanalyse other block ciphers
Multidimensional Zero-Correlation Linear Cryptanalysis of the Block Cipher KASUMI
The block cipher KASUMI is widely used for security in many synchronous
wireless standards. It was proposed by ETSI SAGE for usage in 3GPP (3rd
Generation Partnership Project) ciphering algorthms in 2001. There are a great
deal of cryptanalytic results on KASUMI, however, its security evaluation
against the recent zero-correlation linear attacks is still lacking so far. In
this paper, we select some special input masks to refine the general 5-round
zero-correlation linear approximations combining with some observations on the
functions and then propose the 6-round zero-correlation linear attack on
KASUMI. Moreover, zero-correlation linear attacks on the last 7-round KASUMI
are also introduced under some weak keys conditions. These weak keys take
of the whole key space.
The new zero-correlation linear attack on the 6-round needs about
encryptions with known plaintexts. For the attack under weak keys
conditions on the last 7 round, the data complexity is about known
plaintexts and the time complexity encryptions
Polytopic Cryptanalysis
Standard differential cryptanalysis uses statistical dependencies between the difference of two plaintexts and the difference of the respective two ciphertexts to attack a cipher. Here we introduce polytopic cryptanalysis which considers interdependencies between larger sets of texts as they traverse through the cipher. We prove that the methodology of standard differential cryptanalysis can unambiguously be extended and transferred to the polytopic case including impossible differentials. We show that impossible polytopic transitions have generic advantages over impossible differentials. To demonstrate the practical relevance of the generalization, we present new low-data attacks on round-reduced DES and AES using impossible polytopic transitions that are able to compete with existing attacks, partially outperforming these
Cryptanalysis of an Encryption Scheme Based on Blind Source Separation
Recently Lin et al. proposed a method of using the underdetermined BSS (blind
source separation) problem to realize image and speech encryption. In this
paper, we give a cryptanalysis of this BSS-based encryption and point out that
it is not secure against known/chosen-plaintext attack and chosen-ciphertext
attack. In addition, there exist some other security defects: low sensitivity
to part of the key and the plaintext, a ciphertext-only differential attack,
divide-and-conquer (DAC) attack on part of the key. We also discuss the role of
BSS in Lin et al.'s efforts towards cryptographically secure ciphers.Comment: 8 pages, 10 figures, IEEE forma
- …