
Meet-in-the-middle technique for integral attacks against Feistel ciphers. (English) Zbl 1327.94073

Knudsen, Lars R. (ed.) et al., Selected areas in cryptography. 19th international conference, SAC 2012, Windsor, Canada, August 15–16, 2012. Revised selected papers. Berlin: Springer (ISBN 978-3-642-35998-9/pbk; 978-3-642-35999-6/ebook). Lecture Notes in Computer Science 7707, 234-251 (2013).
Summary: This paper presents an improvement to integral attacks against Feistel ciphers. The new technique reduces the complexity of the key recovery phase, which in turn can extend the number of attacked rounds. In an integral attack, the attacker guesses part of the round keys and performs a partial decryption; the guess is judged correct if the XOR sum of the partially decrypted values is 0. The paper shows that, when the target adopts a Feistel network or one of its variants, the computation of this XOR sum can be divided into two independent parts, so that correct key candidates are obtained efficiently with a meet-in-the-middle approach. The effect of the technique is demonstrated on several Feistel ciphers, with improved integral attacks on LBlock, HIGHT, and CLEFIA; for LBlock in particular, the number of rounds reachable by integral analysis is extended.
For the entire collection see [Zbl 1321.94007].
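The following is an added illustration of the key-recovery idea in the summary and is not code from the paper or from any of the analysed ciphers. It assumes a constructed 4-round, 16-bit Feistel toy cipher whose round function is key XOR, two 4-bit S-boxes (the PRESENT S-box, used only as a convenient bijection) and an invertible linear layer P; the round keys and the plaintext constants are likewise constructed. A structure of 256 plaintexts whose right half takes every value has a balanced left half after three rounds, so the attacker guesses the last round key, decrypts one round and tests the XOR sum. Because P is linear and each S-box sees its own key nibble, the XOR sum of one output nibble splits into a part that depends only on k0 and a part that depends only on k1, and the two parts are matched through a table instead of guessing both nibbles jointly. This is one concrete way the "two independent parts" of the summary can arise; the exact decompositions the paper uses for LBlock, HIGHT and CLEFIA are not reproduced here.

```python
"""Toy meet-in-the-middle key recovery for an integral attack on a Feistel cipher.
Constructed example, not the paper's code: a 4-round, 16-bit Feistel cipher with
an 8-bit round function F(x, k) = P(S(x ^ k)) built from two 4-bit S-boxes."""

# PRESENT S-box, used only as a convenient 4-bit bijection (assumption of this toy)
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def hi(b): return b >> 4
def lo(b): return b & 0xF

def F(x, k):
    """Keyed round function on 8 bits: key XOR, two 4-bit S-boxes, linear layer P.
    P(s0, s1) = (s0 ^ s1, s0) is invertible, so F(., k) is a bijection."""
    s0 = SBOX[hi(x ^ k)]
    s1 = SBOX[lo(x ^ k)]
    return ((s0 ^ s1) << 4) | s0

def encrypt(left, right, round_keys):
    """Feistel round: (L, R) -> (R, L ^ F(R, K)) for each round key."""
    for k in round_keys:
        left, right = right, left ^ F(right, k)
    return left, right

def structure(left_const, round_keys):
    """256 plaintexts: constant left half, right half taking all values.
    After 3 rounds the left half has XOR sum 0 (R0 takes all values, and so does
    F(R1, K1) because F is bijective); we encrypt 4 rounds and return (L4, R4)."""
    return [encrypt(left_const, r, round_keys) for r in range(256)]

def xor_all(values):
    acc = 0
    for v in values:
        acc ^= v
    return acc

def brute_force_candidates(cts):
    """Naive key recovery: guess all 256 last-round keys, decrypt one round
    (L3 = R4 ^ F(L4, K3)) and keep the keys whose XOR sum is 0."""
    lookups = 0
    cands = set()
    for k in range(256):
        acc = 0
        for l4, r4 in cts:
            acc ^= r4 ^ F(l4, k)
            lookups += 2                      # two S-box lookups inside F
        if acc == 0:
            cands.add(k)
    return cands, lookups

def mitm_candidates(cts):
    """Meet in the middle. With K3 = (k0, k1):
         hi(L3) = hi(R4) ^ S[hi(L4) ^ k0] ^ S[lo(L4) ^ k1]
         lo(L3) = lo(R4) ^ S[hi(L4) ^ k0]
    Summed over the structure, the balance condition on the high nibble is
         T0(k0) ^ T1(k1) == c_hi,
    where T0 depends only on k0 and T1 only on k1. Each table costs 16*256 lookups
    instead of 256*256 for the joint guess. The low-nibble condition T0(k0) == c_lo
    involves k0 alone and is applied on that side before matching."""
    lookups = 0
    c_hi = xor_all(hi(r4) for _, r4 in cts)
    c_lo = xor_all(lo(r4) for _, r4 in cts)
    T0, T1 = {}, {}
    for k0 in range(16):
        T0[k0] = xor_all(SBOX[hi(l4) ^ k0] for l4, _ in cts)
        lookups += len(cts)
    for k1 in range(16):
        T1[k1] = xor_all(SBOX[lo(l4) ^ k1] for l4, _ in cts)
        lookups += len(cts)
    by_value = {}                             # value the k0 side must meet -> k1 list
    for k1, t in T1.items():
        by_value.setdefault(t ^ c_hi, []).append(k1)
    cands = set()
    for k0, t in T0.items():
        if t != c_lo:
            continue
        for k1 in by_value.get(t, []):
            cands.add((k0 << 4) | k1)
    return cands, lookups

def recover_last_round_key(round_keys, left_consts=(0x00, 0x5A, 0xA3, 0xFF)):
    """Run both recoveries on several structures, check they agree, and intersect."""
    surviving = set(range(256))
    brute_work = mitm_work = 0
    for lc in left_consts:
        cts = structure(lc, round_keys)
        brute, w1 = brute_force_candidates(cts)
        mitm, w2 = mitm_candidates(cts)
        assert brute == mitm                  # same candidates, different cost
        surviving &= mitm
        brute_work += w1
        mitm_work += w2
    return surviving, brute_work, mitm_work

ROUND_KEYS = [0x3C, 0xA5, 0x96, 0xD7]         # constructed toy keys; K3 = 0xD7 is the target

if __name__ == "__main__":
    cands, bw, mw = recover_last_round_key(ROUND_KEYS)
    print("candidates for K3:", sorted(hex(c) for c in cands), "(true key 0xd7)")
    print("S-box lookups: brute force", bw, "meet-in-the-middle", mw)
```

Both procedures return the same candidate set, since a byte XOR sum is 0 exactly when both nibble sums are 0, but the brute force spends 256 x 256 x 2 S-box lookups per structure while the meet-in-the-middle version spends 2 x 16 x 256. A single 4-bit condition leaves false candidates, which is why several structures (or several balanced nibbles) are intersected, as in real integral attacks.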

MSC:

94A60 Cryptography

Software:

CLEFIA; KTANTAN; LBlock; TWINE
