A Cryptanalytic View of the NSA’s Skipjack Block Cipher Design
Skipjack is a block cipher designed by the NSA for use in US government phones, and commercial mobile and wireless products by AT&T. Among its initial implementations in hardware were the Clipper chip and Fortezza PC cards, which have since influenced the private communications market to be compatible with this technology. For instance, the Fortezza card comes in PCMCIA interface and is a very easy plug-n-play device to add on to mobile and wireless systems to provide encryption for wireless transmissions. Initially classified when it was first proposed, Skipjack was declassified in 1998 and sparked numerous security analyses from security researchers worldwide because it provides insight into the state-of-the-art security design techniques used by a highly secretive government intelligence agency such as the NSA. In this paper, commemorating over a decade since Skipjack’s public revelation, we revisit the security of Skipjack against cryptanalytic results and discuss why certain attack approaches fare better with reference to Skipjack’s design structure.
KeywordsBlock Ciphers Skipjack NSA Distinguisher Cryptanalysis
Unable to display preview. Download preview PDF.
- 12.Brickell, E.F., Denning, D.E., Kent, S.T., Maher, D.P., Tuchman, W.: SKIPJACK Review: The SKIPJACK Algorithm, Interim Report, July 28 (1993)Google Scholar
- 16.Hui, L.C.K., Wang, X.Y., Chow, K.P., Tsang, W.W., Chong, C.F., Chan, H.W.: The Differential Analysis of Reduced Skipjack Variants. In: Chinacrypt 2002 (2002)Google Scholar
- 21.Kim, J., Phan, R.C.-W.: Advanced Differential-Style Cryptanalysis of the NSA’s Skipjack Block Cipher. Cryptologia (in press)Google Scholar
- 23.Knudsen, L.R.: DEAL - a 128-bit Block Cipher., Technical Report 151, Department of Informatics, University of Bergen, Norway, Submitted as an AES candidate (February 1998)Google Scholar
- 24.Knudsen, L.R., Robshaw, M.J.B., Wagner, D.: Truncated Differentials and Skipjack. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 163–180. Springer, Heidelberg (1999)Google Scholar
- 26.Lucks, S., Weis, R.: A Related-key Attack against 14 Rounds of Skipjack., Technical Report, Universitat Mannheim (1999)Google Scholar
- 28.Nakahara Jr., J., Preneel, B., Vandewalle, J.: Square Attacks on Reduced-Round Variants of the Skipjack Block Cipher, IACR ePrint Archive, 2002/003 (2002)Google Scholar
- 29.National Institute of Standards and Technology (NIST), Skipjack and KEA Algorithm Specifications. Version 2 (1998)Google Scholar
- 30.Phan, R.C.-W.: Cryptanalysis of the Advanced Encryption Standard (AES) & Skipjack. M. Eng. Sc. Thesis, Multimedia University (May 2001)Google Scholar
- 31.Phan, R.C.-W.: Related-key Impossible Differential Cryptanalysis of Skipjack (2002) (unpublished manuscript) (submitted)Google Scholar
- 34.Schneier, B., Banisar, D.: The Electronic Privacy Papers. John Wiley & Sons, Chichester (1997)Google Scholar