
New Combined Attacks on Block Ciphers

  • Eli Biham
  • Orr Dunkelman
  • Nathan Keller
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3557)

Abstract

Differential cryptanalysis and linear cryptanalysis are the most widely used techniques for block cipher cryptanalysis. Several attacks combine these cryptanalytic techniques to obtain new attacks, e.g., differential-linear attacks, miss-in-the-middle attacks, and boomerang attacks.

In this paper we present several new combinations: we combine differentials with bilinear approximations, higher-order differentials with linear approximations, and the boomerang attack with linear, with differential-linear, with bilinear, and with differential-bilinear attacks. We analyze these combinations and present examples of their usefulness. For example, we present a 6-round differential-bilinear approximation of s5DES with a bias of 1/8, and use it to attack 8-round s5DES using only 384 chosen plaintexts. We also enlarge a weak key class of IDEA by a factor of 512 using the higher-order differential-linear technique. We expect that these attacks will be useful against larger classes of ciphers.
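To make the combined-attack idea the abstract describes concrete, here is an added example (not code from the paper or its authors) that measures a differential-linear bias on a small constructed SPN: a differential with input difference `in_diff` is concatenated with a linear approximation with output mask `out_mask`, and the parity of `out_mask & (E(P) ^ E(P ^ in_diff))` is counted over chosen-plaintext pairs. The toy cipher, its S-box, key schedule, and the chosen difference/mask are all constructed for illustration; `pairs_for_bias` is a generic c/bias^2 rule of thumb for detecting a distinguisher, not the paper's own complexity analysis, so it does not reproduce the 384-chosen-plaintext figure for the 8-round s5DES attack. A designer uses exactly this kind of measurement to check how far a reduced-round version of a cipher is from a random permutation.

```python
"""Added example (not from the paper): measuring a differential-linear bias on
a toy SPN and turning a bias into a rule-of-thumb data estimate.

A differential-linear distinguisher concatenates a differential (input
difference `in_diff`, covering the first rounds) with a linear approximation
(output mask `out_mask`, covering the remaining rounds).  For each
chosen-plaintext pair (P, P ^ in_diff) we record the parity of
out_mask & (E(P) ^ E(P ^ in_diff)).  A random permutation leaves that parity
balanced; a cipher with a usable approximation shows a bias.
"""
import math

# Constructed toy 4-bit S-box (illustration values, not those of s5DES).
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8,
        0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]
# Constructed 16-bit bit permutation: input bit i moves to output bit PERM[i].
PERM = [4 * (i % 4) + i // 4 for i in range(16)]


def sub_layer(x):
    """Apply SBOX to each of the four nibbles of a 16-bit word."""
    return sum(SBOX[(x >> (4 * n)) & 0xF] << (4 * n) for n in range(4))


def perm_layer(x):
    """Bit permutation of a 16-bit word."""
    y = 0
    for i in range(16):
        if (x >> i) & 1:
            y |= 1 << PERM[i]
    return y


def toy_encrypt(p, round_keys):
    """Toy SPN: len(round_keys)-1 rounds of key-xor / S-box / permutation,
    followed by a final key-xor (post-whitening)."""
    x = p
    for k in round_keys[:-1]:
        x = perm_layer(sub_layer(x ^ k))
    return x ^ round_keys[-1]


def parity(x):
    return bin(x).count("1") & 1


def dl_bias(encrypt, in_diff, out_mask, plaintexts):
    """Empirical differential-linear bias, signed:
    Pr[ out_mask . (E(P) xor E(P xor in_diff)) = 0 ] - 1/2
    over the given chosen plaintexts, so |bias| <= 1/2."""
    zeros = 0
    count = 0
    for p in plaintexts:
        d = encrypt(p) ^ encrypt(p ^ in_diff)
        zeros += 1 - parity(out_mask & d)
        count += 1
    return zeros / count - 0.5


def pairs_for_bias(bias, c=1):
    """Rule of thumb (an assumption, not the paper's exact count): about
    c / bias^2 chosen-plaintext pairs are needed to see a bias of the given
    size above the noise of a random permutation."""
    return math.ceil(c / (bias * bias))


def measure_toy(rounds=4, seed_key=0xA5C3):
    """Measure one constructed (in_diff, out_mask) pair on the toy SPN with a
    constructed key schedule, sampling every 16th plaintext."""
    round_keys = [(seed_key * (i + 1) + 0x1234 * i) & 0xFFFF
                  for i in range(rounds + 1)]
    enc = lambda p: toy_encrypt(p, round_keys)
    return dl_bias(enc, in_diff=0x000F, out_mask=0x0101,
                   plaintexts=range(0, 1 << 16, 16))


if __name__ == "__main__":
    b = measure_toy()
    print(f"toy 4-round bias {b:+.4f}; pairs needed (c=1) ~ "
          f"{pairs_for_bias(abs(b) or 1e-9)}")
    print("a bias of 1/8 under the same rule needs", pairs_for_bias(1 / 8),
          "pairs")
```

For a purely linear map (key-xor only) the output difference is fixed, so the parity is constant and the measured bias is exactly 1/2; that is the sanity check to run before trusting the measurement on a real round function. A bias of 1/8 gives 64 pairs under the c=1 rule, which is the distinguisher's detection cost only; a key-recovery attack over extra rounds costs more.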



Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Eli Biham, Computer Science Department, Technion, Haifa, Israel
  • Orr Dunkelman, Computer Science Department, Technion, Haifa, Israel
  • Nathan Keller, Einstein Institute of Mathematics, Hebrew University, Jerusalem, Israel
