As far as the Differential Cryptanalysis of reduced round Grain v1 is concerned, the best results were those published by Knellwolf et al. in Asiacrypt 2011. In an extended version of the paper, it was shown that it was possible to retrieve (i) 5 expressions in the Secret Key bits for a variant of Grain v1 that employs 97 rounds (in place of 160) in its Key Scheduling process using 2 chosen IVs...

In the real world, cryptographic computations are often performed on a relatively insecure device which can not be trusted to maintain secrecy of the secret key. Exposure of secret keys is perhaps the most debilitating attack on a cryptosystem since it implies that all security guarantees are lost. The notion of forward security guarantees that the compromise of current secret keys does not com...

In this paper we present a very simple scheme for strengthening the conventional product-sum type PKC which has been long considered insecure against the various attacks such as the secret key attack, LLL attack, etc. We show that with the proposed strengthening scheme, the securities of the conventional product-sum type PKC’s can be much improved.

In this work, we present a practical passive attack on SASI, an ultra-lightweight mutual authentication protocol for RFID. This attack can be used to reveal with overwhelming probability the secret ID of the prover by eavesdropping about 2 authentications. The result dismantles SASI and, more generally, provides a new approach that threatens ultra-lightweight authentication protocols.

Server-Aided Secret Computation(SASC) protocol enables the client(smart card) to borrow the computing power from the server(un trusted auxiliary device like ATM) without revealing the secret information of the client. The previous approach is to decompose the client's secret information into many pieces and to reveal some of them to the server. It signiicantly accelerates the secret computation...

This research study and analyse the various attacks RFID card on Mifare's disadvantage and safety concerns crux of the problem. The key recovery attack method depends on a plaintext-ciphertext pair on the existing relationship, as well as the secret parameters of the pseudo random number for use of the timing inappropriate. We proposed a scheme to improve the mechanisms for authentication, no a...

In this paper a preliminary version of the NTRU signature scheme is cryptanalyzed. The attack exploits a correlation between some bits of a signature and coefficients of a secret random polynomial. The attack does not apply to the next version of the signature scheme.

We introduce subspace trail cryptanalysis, a generalization of invariant subspace cryptanalysis. With this more generic treatment of subspaces we do no longer rely on specific choices of round constants or subkeys, and the resulting method is as such a potentially more powerful attack vector. Interestingly, subspace trail cryptanalysis in fact includes techniques based on impossible or truncate...

The Megamos Crypto transponder is used in one of the most widely deployed electronic vehicle immobilizers. It is used among others in most Audi, Fiat, Honda, Volkswagen and Volvo cars. Such an immobilizer is an antitheft device which prevents the engine of the vehicle from starting when the corresponding transponder is not present. This transponder is a passive RFID tag which is embedded in the...

The paper presents a differential cache trace attack against CLEFIA, a 128 bit block cipher designed by Sony Corporation. The attack shows that such ciphers based on the generalized Feistel structures leak information of the secret key if the cache trace pattern is revealed to an adversary. The attack that we propose is a three staged attack and reveals the entire key with 2 CLEFIA encryptions....