A Proposal for a New Block Encryption Standard

Abstract. In a recent paper we developed a new cryptanalytic technique based on impossible differentials, and used it to attack the Skipjack encryption algorithm reduced from 32 to 31 rounds. In this paper we describe the application of this technique to the block ciphers IDEA and Khufu. In both cases the new attacks cover more rounds than the best currently known attacks. This demonstrates the power of the new cryptanalytic technique, shows that it is applicable to a larger class of cryptosystems, and develops new technical tools for applying it in new situations.

show abstract

“…It is a modified version of a previous design by the same authors [19], with added strength against differential attacks [6].…”

Section: Cryptanalysis Of Ideamentioning

confidence: 99%

Miss in the Middle Attacks on IDEA and Khufu

Biham

Biryukov

Shamir

1999

Fast Software Encryption

129

132

View full text Add to dashboard Cite

show abstract

“…One can also mention the decorrelation theory [33] and the design of the ciphers C [1] and KFC [2]. At a high level, the three main design paradigms for block ciphers are Feistel structures such as DES, Lai-Massey ciphers such as IDEA [24], and key-alternating ciphers [12,14,15] for which the AES Rijndael is a prominent representative. State-of-the-art block ciphers are quite well understood and provide security against all known attacks.…”

Section: Introductionmentioning

confidence: 99%

Key-Alternating Ciphers in a Provable Setting: Encryption Using a Small Number of Public Permutations

Bogdanov

Knudsen

Leander

et al. 2012

Advances in Cryptology – EUROCRYPT 2012

View full text Add to dashboard Cite

Abstract. This paper considers-for the first time-the concept of keyalternating ciphers in a provable security setting. Key-alternating ciphers can be seen as a generalization of a construction proposed by Even and Mansour in 1991. This construction builds a block cipher P X from an n-bit permutation P and two n-bit keys k0 and k1, settingHere we consider a (natural) extension of the EvenMansour construction with t permutations P1, . . . , Pt and t + 1 keys, k0, . . . , kt. We demonstrate in a formal model that such a cipher is secure in the sense that an attacker needs to make at least 2 2n/3 queries to the underlying permutations to be able to distinguish the construction from random. We argue further that the bound is tight for t = 2 but there is a gap in the bounds for t > 2, which is left as an open and interesting problem. Additionally, in terms of statistical attacks, we show that the distribution of Fourier coefficients for the cipher over all keys is close to ideal. Lastly, we define a practical instance of the construction with t = 2 using AES referred to as AES 2 . Any attack on AES 2 with complexity below 2 85 will have to make use of AES with a fixed known key in a non-black box manner. However, we conjecture its security is 2 128 .

show abstract

“…A challenge from now is a block cipher, such as MISTY [Mat96] and IDEA [LM90], whose encryption/decryption key is 128 bits, i.e.,a = 2 despite an input satisfying a ≥ 2, that is, m = 64 and an output of 64 bits. Meanwhile, according to tandem D-M (Tandem Davies-Meyer) [Sch96] and abreast D-M (Tandem Davies-Meyer) [Sch96], 2m−bit hashed value is obtained in response to an m−bit key.…”

Section: Discussionmentioning

confidence: 99%

Making Hash Functions from Block Ciphers Secure and Efficient by Using Convolutional Codes

Inoue¹,

Sakurai

2000

Public Key Cryptography

View full text Add to dashboard Cite

Abstract. We improve Knudsen-Preneel's constructions for cryptographic hash functions based on block ciphers with error correcting codes. We first modify to extend original constructions, which are effective only for non-binary codes, to the case with binary codes (e.g. BCH codes). We also revise the original method by introducing convolutional codes, whereas the previous adapts only block codes. This reduces the circuit complexity of the hardware-implementation 1/N times in terms of the number of (Davies-Meyer's) module functions than that based block error correcting codes.

show abstract

A Proposal for a New Block Encryption Standard

Cited by 383 publications

References 1 publication

Miss in the Middle Attacks on IDEA and Khufu

Miss in the Middle Attacks on IDEA and Khufu

Key-Alternating Ciphers in a Provable Setting: Encryption Using a Small Number of Public Permutations

Making Hash Functions from Block Ciphers Secure and Efficient by Using Convolutional Codes

Contact Info

Product

Resources

About