Key-Schedule Cryptoanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES

Authors:
John Kelsey;Bruce Schneier;David Wagner
Affiliations:
-;-;-
Venue:
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Year:
1996

Citing 27
Cited 51

Cryptanalysis of DES with a reduced number of rounds

Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
The real reason for Rivest's phenomenon

Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Chosen-key attacks on a block cipher

Cryptologia
Cycle structure of the DES with weak and semi-weak keys

Proceedings on Advances in cryptology---CRYPTO '86
A known-plaintext attack on two-key triple encryption

EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Differential cryptanalysis of the data encryption standard

Differential cryptanalysis of the data encryption standard
A cryptographic file system for UNIX

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
On simple and secure key distribution

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Differential cryptanalysis of Lucifer

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
New types of cryptanalytic attacks using related keys

EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
On the security of multiple encryption

Communications of the ACM
Fast Software Encryption Functions

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
DES is not a Group

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Differential Cryptanalysis of the Full 16-Round DES

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
A Key-schedule Weakness in SAFER K-64

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
A General Purpose Technique for Locating Key Scheduling Weakness in DES-like Cryptosystems (Extended Abstract)

ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Cryptanalysis of LOKI

ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Cryptanalysis of LOKI91

ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish)

Fast Software Encryption, Cambridge Security Workshop
SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm

Fast Software Encryption, Cambridge Security Workshop
A Software-Optimised Encryption Algorithm

Fast Software Encryption, Cambridge Security Workshop
Practically Secure Feistel Cyphers

Fast Software Encryption, Cambridge Security Workshop
On the Weak Keys of Blowfish

Proceedings of the Third International Workshop on Fast Software Encryption
Key management in an encrypting file system

USTC'94 Proceedings of the USENIX Summer 1994 Technical Conference on USENIX Summer 1994 Technical Conference - Volume 1
Markov ciphers and differential cryptanalysis

EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Fast data encipherment algorithm FEAL

EUROCRYPT'87 Proceedings of the 6th annual international conference on Theory and application of cryptographic techniques

New Weak-Key Classes of IDEA

ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Contemporary Block Ciphers

Lectures on Data Security, Modern Cryptology in Theory and Practice, Summer School, Aarhus, Denmark, July 1998
Recent Developments in the Design of Conventional Cryptographic Algorithms

State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures
Block Ciphers - A Survey

State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures
Attacking Triple Encryption

FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
Serpent: A New Block Cipher Proposal

FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
A Revised Version of Crypton - Crypton V1.0

FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Miss in the Middle Attacks on IDEA and Khufu

FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Improved Cryptanalysis of Rijndael

FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Bitslice Ciphers and Power Analysis Attacks

FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Related Key Attacks on Reduced Round KASUMI

FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
A Unified Approach to Related-Key Attacks

Fast Software Encryption
A (Second) Preimage Attack on the GOST Hash Function

Fast Software Encryption
On the Salsa20 Core Function

Fast Software Encryption
Cryptanalysis of the GOST Hash Function

CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Reflection Cryptanalysis of Some Ciphers

INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
The Key-Dependent Attack on Block Ciphers

ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Differential analysis of GOST encryption algorithm

Proceedings of the 3rd international conference on Security of information and networks
Some (in)sufficient conditions for secure hybrid encryption

Information and Computation
Another look at complementation properties

FSE'10 Proceedings of the 17th international conference on Fast software encryption
A practical-time related-key attack on the KASUMI cryptosystem used in GSM and 3G telephony

CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Cryptography for network security: failures, successes and challenges

MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Meet-in-the-middle attacks on reduced-round XTEA

CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Notions and relations for RKA-secure permutation and function families

Designs, Codes and Cryptography
The (related-key) impossible boomerang attack and its application to the AES block cipher

Designs, Codes and Cryptography
Related-key rectangle attack on 42-round SHACAL-2

ISC'06 Proceedings of the 9th international conference on Information Security
New cryptanalytic results on IDEA

ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Differential and rectangle attacks on reduced-round SHACAL-1

INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
SEA: a scalable encryption algorithm for small embedded applications

CARDIS'06 Proceedings of the 7th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Related-Key differential attacks on cobra-s128, cobra-f64a, and cobra-f64b

Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
Advanced slide attacks revisited: realigning slide on DES

Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
Applying the AES and its extended versions in a general framework for hiding information in digital images

CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Related-key and meet-in-the-middle attacks on Triple-DES and DES-EXE

ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Related-key rectangle attacks on reduced versions of SHACAL-1 and AES-192

FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
On the existence of related-key oracles in cryptosystems based on block ciphers

OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part I
Related-Key attacks on DDP based ciphers: CIKS-128 and CIKS-128H

INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
Related-key attacks on the full-round cobra-f64a and cobra-f64b

SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
A simple related-key attack on the full SHACAL-1

CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Related-Key differential attacks on cobra-h64 and cobra-h128

IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
A related-key attack on block ciphers with weak recurrent key schedules

FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Structure-Based RSA fault attacks

ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
PICARO: a block cipher allowing efficient higher-order side-channel resistance

ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Impossible differential cryptanalysis of the lightweight block ciphers TEA, XTEA and HIGHT

AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
Three-subset meet-in-the-middle attack on reduced XTEA

AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
Improved slide attacks

FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Related-key rectangle attacks on reduced AES-192 and AES-256

FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Improved attacks on full GOST

FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Zero correlation linear cryptanalysis with reduced data complexity

FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
A methodology for differential-linear cryptanalysis and its applications

FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
On the (in)security of IDEA in various hashing modes

FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Weak keys of the full MISTY1 block cipher for related-key differential cryptanalysis

CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present new athcks on key schedules of block ciphers. These attacks are based on the principles of related-key differential cryptanalysis: attacks that allow both keys and plainkxts t,o be rhoscn with specific diflercnccs. We show how these attacks can be exploited in actual protocols and cryptanalyze the key schedules of a variety of algorithms, including three-key Iriplc-DES.