Search Results

You are looking at 1 - 10 of 13 items for :

  • "cryptanalysis" x
Clear All

Abstract  

This paper considers security implications of k-normal Boolean functions when they are employed in certain stream ciphers. A generic algorithm is proposed for cryptanalysis of the considered class of stream ciphers based on a security weakness of k-normal Boolean functions. The proposed algorithm yields a framework for mounting cryptanalysis against particular stream ciphers within the considered class. Also, the proposed algorithm for cryptanalysis implies certain design guidelines for avoiding certain weak stream cipher constructions. A particular objective of this paper is security evaluation of stream cipher Grain-128 employing the developed generic algorithm. Contrary to the best known attacks against Grain-128 which provide complexity of a secret key recovery lower than exhaustive search only over a subset of secret keys which is just a fraction (up to 5%) of all possible secret keys, the cryptanalysis proposed in this paper provides significantly lower complexity than exhaustive search for any secret key. The proposed approach for cryptanalysis primarily depends on the order of normality of the employed Boolean function in Grain-128. Accordingly, in addition to the security evaluation insights of Grain-128, the results of this paper are also an evidence of the cryptographic significance of the normality criteria of Boolean functions.

Restricted access
Authors: Willi Geiselmann and Rainer Steinwandt

Abstract  

We demonstrate that in the present form the public key cryptosystem suggested by A. Pethő in [Pet91] is insecure – even if the additional restriction from [Laš92] is imposed: using elementary linear algebra over the integers the private key or an equivalent decryption key can often be revealed easily.

Restricted access

Since Gentry’s breakthrough result was introduced in the year 2009, the homomorphic encryption has become a very popular topic. The main contribution of Gentry’s thesis [5] was, that it has proven, that it actually is possible to design a fully homomorphic encryption scheme. However ground-breaking Gentry’s result was, the designs, that employ the bootstrapping technique suffer from terrible performance both in key generation and homomorphic evaluation of circuits. Some authors tried to design schemes, that could evaluate homomorphic circuits of arbitrarily many inputs without need of bootstrapping. This paper introduces the notion of symmetric homomorphic encryption, and analyses the security of four such proposals, published in three different papers ([2], [7], [10]). Our result is a known plaintext key-recovery attack on every one of these schemes.

Restricted access

HaF is a family of hash functions developed in Poland at Poznán University of Technology, see [1, 2]. It is a classical Merkle-Damgård construction with the output sizes of 256, 512 or 1024 bits. In this paper we present a collision attack with negligible complexity (collisions can be found without using a computer) for all the members of HaF family. We have also shown that the improved function (without the critical transformation) is still insecure. It is possible to find a preimage for a short message with the complexity lower than the exhaustive search. We are also able to create some fixed points with a complexity of single compression function call.

Restricted access

Abstract  

In this paper we look at the security of two block ciphers which were both claimed in the published literature to be secure against differential crypt-analysis (DC). However, a more careful examination shows that none of these ciphers is very secure against... differential cryptanalysis, in particular if we consider attacks with sets of differentials. For both these ciphers we report new perfectly periodic (iterative) aggregated differential attacks which propagate with quite high probabilities. The first cipher we look at is GOST, a well-known Russian government encryption standard. The second cipher we look at is PP-1, a very recent Polish block cipher. Both ciphers were designed to withstand linear and differential cryptanalysis. Unhappily, both ciphers are shown to be much weaker than expected against advanced differential attacks. For GOST, we report better and stronger sets of differentials than the best currently known attacks presented at SAC 2000 [32] and propose the first attack ever able to distinguish 16 rounds of GOST from random permutation. For PP-1 we show that in spite of the fact, that its S-box has an optimal theoretical security level against differential cryptanalysis [17], [29], our differentials are strong enough to allow to break all the known versions of the PP-1 cipher.

Restricted access

Abstract  

In our constribution we explore a combination of local reduction with the method of syllogisms and the applications of generic guessing strategies in the cryptanalysis of the block cipher GOST. Our experiments show that GOST with 64/128/256 bit key requires at least 12/16/22 rounds to achieve full bit security against the method of syllogisms combined with the “maximum impact” strategy.

Restricted access

] Bard , G. , Algebraic Cryptanalysis , Springer, 2009 . [2] Courtois , N. , et al. , ElimLin Algorithm Revisited , in: Fast Software Encryption , Springer

Restricted access
Authors: Nicolas T. Courtois, Theodosis Mourouzis, Anna Grocholewska-Czuryło and Jean-Jacques Quisquater

References [1] Albrecht , Martin and Leander , Gregor , An All-In-One Approach to Differential Cryptanalysis for Small Block Ciphers , preprint available at

Restricted access

. [4] Biryukov , A. , Cannière , C. D. , Braeken , A. and Preneel , B. , A toolbox for cryptanalysis: Linear and affine equivalence algorithms , in: E. Biham (ed.) Advances in Cryptology

Restricted access

We analyze the effect of data-compression on security of encryption both from theoretical and practical point of view. It is demonstrated that data-compression essentially improves the security of encryption, helps to overcome technical difficulties. On the other side, it makes crypt-analysis more difficult and causes extra problems. At present data-compression applied rarely and frequently defectively. We propose a method which eliminates the negative effects. Our aim is initiate data compression as an aid for data security. To this end we provide an overview of the most frequently used cryptographic protocols. A comparison with encryption software reveals that even the most frequently used protocols do not support encryption and compression.

Restricted access