The Cube Attack on Courtois Toy Cipher
نویسنده
چکیده
The cube attack has been introduced by Itai Dinur and Adi Shamir [8] as a known plaintext attack on symmetric primitives. The attack has been applied to reduced variants of the stream ciphers Trivium [3, 8] and Grain-128 [2], reduced to three rounds variant of the block cipher Serpent [9] and reduced version of the hash function MD6 [3]. In the special case the attack has appeared in the M. Vielhaber ePrint articles [13, 14], where it has been named AIDA (Algebraic Initial Value Differential Attack) and applied to the modified versions of Trivium. In this paper, we present the experimental results of application the cube attack to four rounds of the Courtois Toy Cipher (CTC) with the full recovery of 120-bit key. After that we extend the attack to five rounds by applying the meet-in-the-middle principle.
منابع مشابه
Algebraic Attacks on the Courtois Toy Cipher
Block ciphers are fundamental building block of modern cryptography. Recently, a new technique to attack block ciphers has emerged called “algebraic attacks”. These attacks work by expressing block ciphers as quadratic equation systems and solving those systems of equations. In May 2006 Nicolas Courtois – author of many influential research papers on algebraic attacks – presented a toy cipher c...
متن کاملExtension of Cube Attack with Probabilistic Equations and its Application on Cryptanalysis of KATAN Cipher
Cube Attack is a successful case of Algebraic Attack. Cube Attack consists of two phases, linear equation extraction and solving the extracted equation system. Due to the high complexity of equation extraction phase in finding linear equations, we can extract nonlinear ones that could be approximated to linear equations with high probability. The probabilistic equations could be considered as l...
متن کاملAlgebraic, AIDA/Cube and Side Channel Analysis of KATAN Family of Block Ciphers
This paper presents the first results on AIDA/cube, algebraic and sidechannel attacks on variable number of rounds of all members of the KATAN family of block ciphers. Our cube attacks reach 60, 40 and 30 rounds of KATAN32, KATAN48 and KATAN64, respectively. In our algebraic attacks, we use SAT solvers as a tool to solve the quadratic equations representation of all KATAN ciphers. We introduced...
متن کاملLinear Cryptanalysis of CTC
CTC is a toy cipher designed by Courtois in order to prove the strength of algebraic attacks. In this paper we study the differential and the linear behavior of the 85 S-boxes version, which is attacked using algebraic techniques faster than exhaustive key search. We show that an n-round variant of the cipher can be attacked by a linear attack using only 2 known plaintexts, with a negligible ti...
متن کاملElimLin Algorithm Revisited
ElimLin is a simple algorithm for solving polynomial systems of multivariate equations over small finite fields. It was initially proposed by Courtois to attack DES. It can reveal some hidden linear equations existing in the ideal generated by the system. We report a number of key theorems on ElimLin. Our main result is to characterize ElimLin in terms of a sequence of intersections of vector s...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2017