Truncated Differentials and Skipjack
نویسندگان
چکیده
We consider a range of attacks on reduced-round variants of the block cipher Skipjack. In particular we concentrate on the role of truncated differentials and consider what insight they give us into the design and long-term security of Skipjack. An attack on the full 32 rounds of Skipjack remains elusive. However we give attacks on the first 16 rounds of Skipjack that can efficiently recover the key with about 2 chosen plaintexts and an attack on the middle sixteen rounds of Skipjack which recovers the secret key using only two chosen plaintexts. Several highprobability truncated differentials are presented the existence of which might best be described as surprising. Most notably, we show that the techniques used by Biham et al. can be presented in terms of truncated differentials and that there exists a 24-round truncated differential that holds with probability one.
منابع مشابه
Observations of Skipjack-like Structure with SP/SPS Round Function
Impossible differential cryptanalysis is an important tool for evaluating the security level of a block cipher, and the key step of this cryptanalysis is to find the longest impossible differential. This paper focuses on retrieving impossible differentials for m-cell Skipjack-like structure with SP/SPS round function (named SkipjackSP and SkipjackSPS resp.). Up to now, known longest impossible ...
متن کاملImprovements for Finding Impossible Differentials of Block Cipher Structures
In this paper we improve Wu and Wang’s method for finding impossible differentials of block cipher structures. This improvement is more general than Wu and Wang’s method that it can find more impossible differentials with less time. We apply it on GenCAST256, Misty, Gen-Skipjack, Four-Cell, Gen-MARS, SMS4, MIBS, Camellia*, LBlock, E2 and SNAKE block ciphers. All impossible differentials discove...
متن کامل1 Self evaluation of FEAL - NX
1 Evaluation of security 1.1. Differential cryptanalysis In extending differential cryptanalysis, Aoki , Kobayashi, and Moriai [1] greatly reduced the computational amount needed [2]. They determined that differential cryptanalysis could not be applied to FEAL with more than 32 rounds. Biham et al. [3] proposed a new cyptanalysis of Skipjack [4] using impossible differentials. Although regular ...
متن کاملA unified method for finding impossible differentials of block cipher structures
In this paper, we propose a systematic method for finding impossible differentials for block cipher structures, better than the Umethod introduced by Kim et al [4]. It is referred as a unified impossible differential finding method (UID-method). We apply the UID-method to some popular block ciphers such as Gen-Skipjack, Gen-CAST256, GenMARS, Gen-RC6, Four-Cell, SMS4 and give the detailed imposs...
متن کاملImpossible differential and square attacks: Cryptanalytic link and application to Skipjack
This paper shows a surprising similarity between the construction of, respectively, impossible differentials and square distinguishers. This observation is illustrated by comparing two attacks on IDEA (Biham & al., FSE’99 [2], Nakahara & al., 2001 [7]). Using this similarity, we also derive a 16-round square distinguisher on Skipjack, directly based on the impossible differential attack present...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 1999