Elements of information theory
Elements of information theory
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Differentially uniform mappings for cryptography
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
On the security of the IDEA block cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Differential Cryptanalysis of DES-like Cryptosystems
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Miss in the Middle Attacks on IDEA and Khufu
FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Markov ciphers and differential cryptanalysis
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Improved DST Cryptanalysis of IDEA
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
New attacks against reduced-round versions of IDEA
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Efficient collision search attacks on SHA-0
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
On the security of HMAC and NMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (extended abstract)
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Hi-index | 7.29 |
This paper describes a new cryptanalytic technique that combines differential cryptanalysis with Shannon entropy. We call it differential entropy (DE). The objective is to exploit the non-uniform distribution of output differences from a given mapping as a distinguishing tool in cryptanalysis. Our preferred target is the IDEA block cipher, since we detected significantly low entropy at the output of its multiplication operation. We looked to further extend this entropy analysis to larger components and for a number of rounds. We present key-recovery attacks on up to 2.5-round IDEA in the single-key model and without weak-key assumptions.