Differential Cryptanalysis of the Full 16-Round DES
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of Block Ciphers with Overdefined Systems of Equations
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On Probability of Success in Linear and Differential Cryptanalysis
Journal of Cryptology
PRESENT: An Ultra-Lightweight Block Cipher
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Specific S-Box Criteria in Algebraic Attacks on Block Ciphers with Several Known Plaintexts
Research in Cryptology
PolyBoRi: A framework for Gröbner-basis computations with Boolean polynomials
Journal of Symbolic Computation
Lightweight Block Ciphers Revisited: Cryptanalysis of Reduced Round PRESENT and HIGHT
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Algebraic Techniques in Differential Cryptanalysis
Fast Software Encryption
Algebraic Cryptanalysis
Linear (Hull) and Algebraic Cryptanalysis of the Block Cipher PRESENT
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Towards Secure and Practical MACs for Body Sensor Networks
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Algebraic attacks on stream ciphers with linear feedback
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Algebraic cryptanalysis of the data encryption standard
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Differential cryptanalysis of reduced-round PRESENT
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Multiple differential cryptanalysis: theory and practice
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Algebraic precomputations in differential and integral cryptanalysis
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Linear cryptanalysis of reduced-round PRESENT
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
| Hi-index | 0.00 |
At FSE 2009, Albrecht et al. proposed a new cryptanalytic method that combines algebraic and differential cryptanalysis. They introduced three new attacks, namely Attack A, Attack B and Attack C. For Attack A, they explain that the time complexity is difficult to determine. The goal of Attacks B and C is to filter out wrong pairs and then recover the key. In this paper, we show that Attack C does not provide an advantage over differential cryptanalysis for typical block ciphers, because it cannot be used to filter out any wrong pairs that satisfy the ciphertext differences. Furthermore, we explain why Attack B provides no advantage over differential cryptanalysis for PRESENT. We verify our results for PRESENT experimentally, using both PolyBoRi and MiniSat. Our work helps to understand which equations are important in the differential-algebraic attack. Based on our findings, we present two new differential-algebraic attacks. Using the first method, our attack on 15-round PRESENT-80 requires 259 chosen plaintexts and has a worstcase time complexity of 273.79 equivalent encryptions. Our new attack on 14-round PRESENT-128 requires 255 chosen plaintexts and has a worstcase time complexity of 2112.83 equivalent encryptions. Although these attacks have a higher time complexity than the differential attacks, their data complexity is lower.