Search Results

You are looking at 1 - 9 of 9 items for :

  • "sets of differentials" x
Clear All

Abstract  

In this paper we look at the security of two block ciphers which were both claimed in the published literature to be secure against differential crypt-analysis (DC). However, a more careful examination shows that none of these ciphers is very secure against... differential cryptanalysis, in particular if we consider attacks with sets of differentials. For both these ciphers we report new perfectly periodic (iterative) aggregated differential attacks which propagate with quite high probabilities. The first cipher we look at is GOST, a well-known Russian government encryption standard. The second cipher we look at is PP-1, a very recent Polish block cipher. Both ciphers were designed to withstand linear and differential cryptanalysis. Unhappily, both ciphers are shown to be much weaker than expected against advanced differential attacks. For GOST, we report better and stronger sets of differentials than the best currently known attacks presented at SAC 2000 [32] and propose the first attack ever able to distinguish 16 rounds of GOST from random permutation. For PP-1 we show that in spite of the fact, that its S-box has an optimal theoretical security level against differential cryptanalysis [17], [29], our differentials are strong enough to allow to break all the known versions of the PP-1 cipher.

Restricted access
Authors: Nicolas T. Courtois, Theodosis Mourouzis, Anna Grocholewska-Czuryło and Jean-Jacques Quisquater

Differential Cryptanalysis (DC) is one of the oldest known attacks on block ciphers. DC is based on tracking of changes in the differences between two messages as they pass through the consecutive rounds of encryption. However DC remains very poorly understood. In his textbook written in the late 1990s Schneier wrote that against differential cryptanalysis, GOST is “probably stronger than DES”. In fact Knudsen have soon proposed more powerful advanced differential attacks however the potential space of such attacks is truly immense. To this day there is no method which allows to evaluate the security of a cipher against such attacks in a systematic way. Instead, attacks are designed and improved in ad-hoc ways with heuristics [6–13,21]. The best differential attack known has time complexity of 2179 [13].

In this paper we show that for a given block cipher there exists an optimal size for advanced differential properties. This new understanding allows to considerably reduce the space to be searched for “good” truncated differential properties suitable for an attack.

Restricted access
Authors: A. Kemmler, H. Anderson, K. Heldt, D. Haberland and B. Hinz

Abstract  

A computer program was developed for kinetic evaluations of calorimetric experiments to predict the further reaction run under adiabatic conditions. Kinetic modeling is based on elementary reaction steps whose rate laws form a set of differential equations. For the continuous parameter optimization time-temperature data and their derivatives are used. A special calorimeter of the ACTRON series with safety equipment was applied to investigate the kinetics of chemical reactions and to test kinetic on-line evaluations. In the paper, examples for the reaction of n-propanol with o-chlornitrobenzene and for the alcoholysis of phenyl isocyanate are given.

Restricted access

Abstract  

A fully automated adiabatic calorimeter controlled on line by a computer used for heat capacity measurements in the temperature range from 80 to 400 K was constructed. The hardware of the calorimetric system consisted of a Data Acquisition/Switch Unit, 34970A Agilent, a 7 1/2 Digit Nano Volt /Micro Ohm Meter, 34420A Agilent, and a P4 computer. The software was developed according to modern controlling theory. The adiabatic calorimeter consisted mainly of a sample cell equipped with a miniature platinum resistance thermometer and an electric heater, two (inner and outer) adiabatic shields, two sets of six junction differential thermocouple piles and a high vacuum can. A Lake Shore 340 Temperature Controller and the two sets of differential thermocouples were used to control the adiabatic conditions between the cell and its surroundings. The reliability of the calorimeter was verified by measuring the heat capacities of synthetic sapphire (α-Al2O3), Standard Reference Material 720. The deviation of the data obtained by this calorimeter from those published by NIST was within ±0.1% in the temperature range from 80 to 400 K.

Restricted access

Regular disease monitoring is currently carried out in the most important Italian wheat growing areas. In 2007–08 stem rust was absent in all locations tested except Montelibretti (Rome, Central Italy), where two common wheat varieties “Arsenal” and “Compair” had stem rust infections. Two stem rust pathotypes were identified by testing in the greenhouse a set of differential lines/varieties carrying known genes for resistance to Puccinia graminis. These pathotypes corresponded to races MSK and PTK on the basis of the North American classification system. Genes Sr24 and Sr25 (both derived from Thinopyrum ponticum) and Sr31 (from Secale cereale), were resistant to the Italian pathotypes, and the lines carrying Sr38 (from Triticum ventricosum) were susceptible.Tests were carried out to determine the seedling stem rust response of durum and common wheat cultivars grown in Italy. Many durum wheat genotypes were resistant to MSK and PTK, while several common wheats were susceptible. The different response of the two species could be due to the source (common wheat) of stem rust inoculum. Molecular PCR markers, linked to Sr24, Sr25, Sr31 and Sr38, were used to detect their presence/absence in the genetic background of the durum and common wheat cultivars. The presence of Sr31 was shown in only two common wheat cultivars (“Colledoro” and “Sollario”), while several genotypes carried Sr38. No common wheat genotype was positive (to PCR analysis) for the presence of Sr24 or Sr25 genes, whereas no durum wheat was positive for the presence of Sr24, Sr25, Sr31 or Sr38.

Restricted access
Authors: István Szalai, Krisztina Kurin-Csörgei and Miklós Orbán

set of differential equations: (4) (5) (6) (7) (8) We assume that the input flow contains species A − , HA, B and C. The [ ] 0 sign denotes the concentrations in the input flow prior to any reactions. We use two control parameters, the flow

Restricted access
Authors: Xuan Tang, Yefei Nan, Fenglin Huang and Xunli Zhang

reactor. The output gas composition after reaction was analyzed with a 16-channel quadrupole mass spectrometer (QMS-200D, European Spectrometry Systems), which was connected to the outlet of the reactor through a set of differentially pumped needle valves

Restricted access
Authors: Ekaterina S. Borovinskaya, Vladimir M. Uvarov, Frank Schael, Dimitry A. de Vekki and Wladimir Reschetilowski

for the kinetic modeling From Scheme 2 , the following set of differential equations with specified initial conditions C A,0 , C B,0 , C C,0 , C D,0 at time t = t 0 , T = 0 °C, and marginal

Restricted access

detailed analysis of the entire absorbance decrease observed during the reaction. The set of differential equations describing a specific reaction model were solved for an initial set of parameters using the Mathematica ® program (Wolfram) and the built

Open access