Solving sparse linear equations over finite fields
IEEE Transactions on Information Theory
Efficient computation of zero-dimensional Gro¨bner bases by change of ordering
Journal of Symbolic Computation
Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Computers and Intractability: A Guide to the Theory of NP-Completeness
Computers and Intractability: A Guide to the Theory of NP-Completeness
Differential Cryptanalysis of DES-like Cryptosystems
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Differential Cryptanalysis of the Full 16-Round DES
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of Block Ciphers with Overdefined Systems of Equations
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A new efficient algorithm for computing Gröbner bases without reduction to zero (F5)
Proceedings of the 2002 international symposium on Symbolic and algebraic computation
Algebraic Aspects of the Advanced Encryption Standard (Advances in Information Security)
Algebraic Aspects of the Advanced Encryption Standard (Advances in Information Security)
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Algebraic attacks on stream ciphers with linear feedback
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
An analysis of the XSL algorithm
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Small scale variants of the AES
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Block ciphers sensitive to gröbner basis attacks
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
A zero-dimensional gröbner basis for AES-128
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Polynomial equivalence problems: algorithmic and theoretical aspects
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
An analysis of XSL Applied to BES
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
On the relation between the MXL family of algorithms and Gröbner basis algorithms
Journal of Symbolic Computation
Hi-index | 0.00 |
In this paper, we present an algebraic attack against the Flurry and Curry block ciphers [12,13]. Usually, algebraic attacks against block ciphers only require one message/ciphertext pair to be mounted. In this paper, we investigate a different approach. Roughly, the idea is to generate an algebraic system from the knowledge of several well chosen correlated message/ciphertext pairs. Flurry and Curry are two families of ciphers which fully parametrizable and having a sound design strategy against the most common statistical attacks; i.e. linear and differential attacks. These ciphers are then targets of choices for algebraic attacks. It turns out that our new approach permits to go one step further in the (algebraic) cryptanalysis of difficult instances of Flurry and Curry. To explain the behavior of our attack, we have established an interesting connection between algebraic attacks and high order differential cryptanalysis [32]. From extensive experiments, we estimate that our approach - that we will call "algebraic-high order differential" cryptanalysis - is polynomial when the Sbox is a power function. As a proof of concept, we have been able to break Flurry/Curry - up to 8 rounds - in few hours. We have also investigated the more difficult (and interesting case) of the inverse function. For such function, we have not been able to bound precisely the theoretical complexity, but our experiments indicate that our approach permits to obtain a significant practical gain. We have attacked Flurry/Curry using the inverse Sbox up to 8 rounds.