LOKI—a cryptographic primitive for authentication and secrecy applications
AUSCRYPT '90 Proceedings of the international conference on cryptology on Advances in cryptology
A fast software one-way hash function
Journal of Cryptology
On immunity against Biham and Shamir's “differential cryptanalysis”
Information Processing Letters
Differential cryptanalysis of the data encryption standard
Differential cryptanalysis of the data encryption standard
On the distribution of characteristics in composite permutations
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
On the distribution of characteristics in bijective mappings
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Fast Software Encryption Functions
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Differential Cryptanalysis of the Full 16-Round DES
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Improving Resistance to Differential Cryptanalysis and the Redesign of LOKI
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Differential cryptanalysis of feal and N-hash
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Markov ciphers and differential cryptanalysis
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Fast data encipherment algorithm FEAL
EUROCRYPT'87 Proceedings of the 6th annual international conference on Theory and application of cryptographic techniques
| Hi-index | 0.00 |
Differential cryptanalysis was introduced as an approach to analyze the security of DES-like cryptosystems. The first example of a DES-like cryptosystem was Lucifer, the direct predecessor of DES, which is still believed by many people to be much more secure than DES, since it has 128 key bits, and since no attacks against (the full variant of) Lucifer were ever reported in the cryptographic literature. In this paper we introduce a new extension of differential cryptanalysis, devised to extend the class of vulnerable cryptosystems. This new extension suggests key-dependent characteristics, called conditional characteristics, selected to enlarge the characteristics' probabilities for keys in subsets of the key space. The application of conditional characteristics to Lucifer shows that more than half of the keys of Lucifer are insecure, and the attack requires about 236 complexity and chosen plaintexts to find these keys. The same extension can also be used to attack a new variant of DES, called RDES, which was designed to be immune against differential cryptanalysis. These new attacks flash new light on the design of DES, and show that the transition of Lucifer to DES strengthened the later cryptosystem.