• Title, Summary, Keyword: cryptanalysis

Search Result 180, Processing Time 0.034 seconds

Multidimensional Differential-Linear Cryptanalysis of ARIA Block Cipher

  • Yi, Wentan;Ren, Jiongjiong;Chen, Shaozhen
    • ETRI Journal
    • /
    • v.39 no.1
    • /
    • pp.108-115
    • /
    • 2017
  • ARIA is a 128-bit block cipher that has been selected as a Korean encryption standard. Similar to AES, it is robust against differential cryptanalysis and linear cryptanalysis. In this study, we analyze the security of ARIA against differential-linear cryptanalysis. We present five rounds of differential-linear distinguishers for ARIA, which can distinguish five rounds of ARIA from random permutations using only 284.8 chosen plaintexts. Moreover, we develop differential-linear attacks based on six rounds of ARIA-128 and seven rounds of ARIA-256. This is the first multidimensional differential-linear cryptanalysis of ARIA and it has lower data complexity than all previous results. This is a preliminary study and further research may obtain better results in the future.

An Encryption Algorithm Based on DES or Composition Hangul Syllables (DES에 기반한 조합형 한글 암호 알고리즘)

  • 박근수
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.9 no.3
    • /
    • pp.63-74
    • /
    • 1999
  • In this paper we present a Hangul Encryption Algorithm (HEA) which encrypts composition Hangul syllables into composition Hangul syllables using the non-linear structure of Hangul. Since ciphertexts generated by HEA are displayable characters HEA can be used in applications such as Privacy Enhanced mail (PEM) where ciphertexts should be displayable characters. HEA is based on DES and it can be shown that HEA is as safe as DES against the exhaustive key search differential cryptanalysis and linear cryptanalysis. HEA also has randomness of phonemes of ciphertexts and satisfies plaintext-ciphetext avalanche effect and key-ciphertext avalanche effect.

  • PDF

Novel Technique in Linear Cryptanalysis

  • Sun, Wen-Long;Guan, Jie
    • ETRI Journal
    • /
    • v.37 no.1
    • /
    • pp.165-174
    • /
    • 2015
  • In this paper, we focus on a novel technique called the cube-linear attack, which is formed by combining cube attacks with linear attacks. It is designed to recover the secret information in a probabilistic polynomial and can reduce the data complexity required for a successful attack in specific circumstances. In addition to the different combination strategies of the two attacks, two cube-linear schemes are discussed. Applying our method of a cube-linear attack to a reduced-round Trivium, as an example, we get better linear cryptanalysis results. More importantly, we believe that the improved linear cryptanalysis technique introduced in this paper can be extended to other ciphers.

Conditional Re-encoding Method for Cryptanalysis-Resistant White-Box AES

  • Lee, Seungkwang;Choi, Dooho;Choi, Yong-Je
    • ETRI Journal
    • /
    • v.37 no.5
    • /
    • pp.1012-1022
    • /
    • 2015
  • Conventional cryptographic algorithms are not sufficient to protect secret keys and data in white-box environments, where an attacker has full visibility and control over an executing software code. For this reason, cryptographic algorithms have been redesigned to be resistant to white-box attacks. The first white-box AES (WB-AES) implementation was thought to provide reliable security in that all brute force attacks are infeasible even in white-box environments; however, this proved not to be the case. In particular, Billet and others presented a cryptanalysis of WB-AES with 230 time complexity, and Michiels and others generalized it for all substitution-linear transformation ciphers. Recently, a collision-based cryptanalysis was also reported. In this paper, we revisit Chow and others's first WB-AES implementation and present a conditional re-encoding method for cryptanalysis protection. The experimental results show that there is approximately a 57% increase in the memory requirement and a 20% increase in execution speed.

Differential Cryptanalysis of DES-Like Block Cipher HEA (블록 암호 알고리즘 HEA에 대한 차분분석)

  • 현진수;송정환;강형석
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.10 no.4
    • /
    • pp.107-112
    • /
    • 2000
  • In this paper, we study a security of HEA(Hangul Encryption Algorithm) against differential cryptanalysis. HEA, which is 1,024bits input/output and 56bits key size, has the same structure as DES(Data Encyption Standard) only for Korean characters to be produced in ciphertexts. An encryption algorithm should be developed to meet certain critria such as input/ouput dependencies, correlation, avalanche effects, etc. However HEA uses the same S-Boxes as DES does and just expands the plaintext/ciphertext sizes . We analysize HEA with a differential cryptanalysis and present two results. The number of rounds of HEA has not been determined in a concrete basis of cryptanalysis and we show a chosen plintext attack of 10 round reduced HEA with a diffe- rential cryptanalysis characteristic.

  • PDF

A Design and Analysis of the Block Cipher Circle-g Using the Modified Feistel Structure (변형된 Feistel 구조를 이용한 Circle-g의 설계와 분석)

  • 임웅택;전문석
    • Journal of the Korea Computer Industry Society
    • /
    • v.5 no.3
    • /
    • pp.405-414
    • /
    • 2004
  • In this paper, we designed a 128-bits block cipher, Circle-g, which has 18-rounds modified Feistel structure and analyzed its secureness by the differential cryptanalysis and linear cryptanalysis. We could have full diffusion effect from the two rounds of the Circle-g. Because of the strong diffusion effect of the F-function of the algorithm, we could get a 9-rounds DC characteristic with probability 2^{-144} and a 12-rounds LC characteristic with probability 2^{-144}. For the Circle-g with 128-bit key, there is no shortcut attack, which is more efficient than the exhaustive key search, for more than 12 rounds of the algorithm.

  • PDF

Provable Security for New Block Cipher Structures against Differential Cryptanalysis and Linear Cryptanalysis (새로운 블록 암호 구조에 대한 차분/선형 공격의 안전성 증명)

  • Kim, Jong-Sung;Jeong, Ki-Tae;Lee, Sang-Jin;Hong, Seok-Hie
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.17 no.1
    • /
    • pp.121-125
    • /
    • 2007
  • Differential cryptanalysis and linear cryptanalysis are the most powerful approaches known for attacking many block ciphers and used to evaluating the security of many block ciphers. So designers have designed secure block ciphers against these cryptanalyses. In this paper, we present new three block cipher structures. And for given r, we prove that differential(linear) probabilities for r-round blockcipher structures are upper bounded by $p^2(q^2),\;2p^2(2q^2)$ if the maximum differential(linear) probability is p(q) and the round function is a bijective function.

Zero-Correlation Linear Cryptanalysis of Reduced Round ARIA with Partial-sum and FFT

  • Yi, Wen-Tan;Chen, Shao-Zhen;Wei, Kuan-Yang
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.1
    • /
    • pp.280-295
    • /
    • 2015
  • Block cipher ARIA was first proposed by some South Korean experts in 2003, and later, it was established as a Korean Standard block cipher algorithm by Korean Agency for Technology and Standards. In this paper, we focus on the security evaluation of ARIA block cipher against the recent zero-correlation linear cryptanalysis. In addition, Partial-sum technique and FFT (Fast Fourier Transform) technique are used to speed up the cryptanalysis, respectively. We first introduce some 4-round linear approximations of ARIA with zero-correlation, and then present some key-recovery attacks on 6/7-round ARIA-128/256 with the Partial-sum technique and FFT technique. The key-recovery attack with Partial-sum technique on 6-round ARIA-128 needs $2^{123.6}$ known plaintexts (KPs), $2^{121}$ encryptions and $2^{90.3}$ bytes memory, and the attack with FFT technique requires $2^{124.1}$ KPs, $2^{121.5}$ encryptions and $2^{90.3}$ bytes memory. Moreover, applying Partial-sum technique, we can attack 7-round ARIA-256 with $2^{124.6}$ KPs, $2^{203.5}$ encryptions and $2^{152}$ bytes memory and 7-round ARIA-256 employing FFT technique, requires $2^{124.7}$ KPs, $2^{209.5}$ encryptions and $2^{152}$ bytes memory. Our results are the first zero-correlation linear cryptanalysis results on ARIA.

Design and Analysis of the Block Cipher Using Extended Feistel Structure (확장된 Feistel 구조를 이용한 Block Cipher의 설계와 분석)

  • 임웅택;전문석
    • Journal of the Korea Computer Industry Society
    • /
    • v.4 no.4
    • /
    • pp.523-532
    • /
    • 2003
  • In this paper, we designed a 128-bit block cipher, Lambda, which has 16-round extended Feistel structure and analyzed its secureness by the differential cryptanalysis and linear cryptanalysis. We could have full diffusion effect from the two rounds of the Lambda. Because of the strong diffusion effect of the algorithm, we could get a 8-round differential characteristic with probability $2^{-192}$ and a linear characteristic with probability $2^{-128}$. For the Lambda with 128-bit key, there is no shortcut attack, which is more efficient than the exhaustive key search, for more than 8 rounds of the algorithm.

  • PDF

A Study on the Design and Cryptanalysis of 80-bit Block Cipher Algorithm(80-DES) (80비트 블록 암호알고리즘(80-DES)의 설계 및 비도분석에 관한 연구)

  • Yoon, Yong-Jung;Kong, Hun-Taek;Nam, Kil-Hyun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.5 no.1
    • /
    • pp.25-36
    • /
    • 1995
  • Differential Cryptanalysis(DC) and Linear Cryptanalysis(LC) are considered to be efficient attack methods which could be applied to DES and other DES-like private key Cryptosystems. This paper analyzes the DC and LC attack to DES and design a 80-bit block Cipher (80-DES) which could be strong against DC and LC Attack.

  • PDF