Maria-Bristena Oprisanu scite author profile

Maria-Bristena Oprisanu

2Publications

58Citation Statements Received

22Citation Statements Given

How they've been cited

How they cite others

Affiliations

Making View (Norway)

Publications

Order By: Most citations

Linear cryptanalysis and block cipher design in East Germany in the 1970s

Courtois¹,

Oprisanu

Schmeh

2018

Cryptologia

View full text Add to dashboard Cite

Linear Cryptanalysis (LC) is an important code-breaking method which has become popular in the 1990s and has roots in earlier research [Shamir,Davies] in the 1980s. In this article we show evidence that Linear Cryptanalysis is even older. According to documents from the former Eastern German cipher authority ZCO, systematic study of linear characteristics for non-linear Boolean functions was routinely performed already in the 1970s. At the same period Eastern German cryptologists have produced an excessively complex set of requirements known as KT1, which the long term keys are required to satisfy and keys of this type were in widespread use to encrypt communications in the 1980s. An interesting question is then, to see if KT1 keys offer some level of protection against linear cryptanalysis. In this article we demonstrate that (strangely) not really. This is demonstrated by constructing specific counter-examples of pathologically weak keys which satisfy all the requirements of KT1.However, as T-310 is used in a stream cipher mode that uses only a tiny part of the internal state for actual encryption, it remains unclear whether this type of weak keys could lead to key recovery attacks on T-310.

show abstract

Ciphertext-only attacks and weak long-term keys in T-310

Courtois¹,

Oprisanu

2018

Cryptologia

View full text Add to dashboard Cite

T-310 is an important Cold War cipher [22]. It was the principal encryption algorithm used to protect various state communication lines in Eastern Germany in the 1980s. The cipher is quite robust and it outputs extremely few bits from the internal state. In this article we study the choice of the long-term key in T-310. The main result is to show that if a key is faulty, communications can be decrypted in a ciphertextonly scenario. The attack becomes possible when the round function is not bijective. For example we demonstrate that this can happen if we omit to check just one highly technical condition out of many which the long-term keys are expected to satisfy. We provide mathematical proofs that the main historical key classes KT1 and KT2 are secure against such attacks.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.