12 Hits in 3.4 sec

Related-Key Rectangle Attack on 42-Round SHACAL-2 [chapter]

Jiqiang Lu, Jongsung Kim, Nathan Keller, Orr Dunkelman
2006 Lecture Notes in Computer Science  
In this paper, we present a related-key rectangle attack on 42-round SHACAL-2, which requires 2 243.38 related-key chosen plaintexts and has a running time of 2 488.37 .  ...  This is the best currently known attack on SHACAL-2.  ...  [14] presented a related-key differential-nonlinear attack on 35-round SHACAL-2 and a related-key rectangle attack on 37-round SHACAL-2, where the latter attack is based on a 33-round related-key rectangle  ... 
doi:10.1007/11836810_7 fatcat:3u6msigytnhmlhyu45dnt74s44

Related-Key Rectangle Attacks on Reduced Versions of SHACAL-1 and AES-192 [chapter]

Seokhie Hong, Jongsung Kim, Sangjin Lee, Bart Preneel
2005 Lecture Notes in Computer Science  
In this paper we propose a notion of related-key rectangle attack using 4 related keys. It is based on two consecutive related-key differentials which are independent of each other.  ...  Using this attack we can break SHACAL-1 with 512-bit keys up to 70 rounds out of 80 rounds and AES with 192-bit keys up to 8 rounds out of 12 rounds, which are faster than exhaustive search.  ...  Related-Key Rectangle Attack on Reduced Rounds of SHACAL-1 Firstly, we briefly describe SHACAL-1.  ... 
doi:10.1007/11502760_25 fatcat:2eilee52vjexrovriojbf2naqa

Differential and Rectangle Attacks on Reduced-Round SHACAL-1 [chapter]

Jiqiang Lu, Jongsung Kim, Nathan Keller, Orr Dunkelman
2006 Lecture Notes in Computer Science  
In this paper, we present rectangle attacks on the first 51 rounds and a series of inner 52 rounds of SHACAL-1, and also present differential attacks on the first 49 rounds and a series of inner 55 rounds  ...  These are the best currently known cryptanalytic results on SHACAL-1 in an one key attack scenario.  ...  [8] presented a related-key rectangle attack on the full 80 rounds of SHACAL-1.  ... 
doi:10.1007/11941378_3 fatcat:o6gf2pahznbwjb6wdi5m3krh4e

Analysis of Boomerang Differential Trails via a SAT-Based Constraint Solver URSA [chapter]

Aleksandar Kircanski
2015 Lecture Notes in Computer Science  
In this paper, we propose the use of a SAT-based constraint solver URSA as aid in analysis of differential trails and find that previous rectangle/boomerang attacks on XTEA and SHACAL-1 block ciphers and  ...  Examples include merging two differential trail parts into one or, in the case of boomerang and rectangle attacks, connecting two short trails within the quartet boomerang setting.  ...  In addition, [49] proposed a new related-key rectangle attack that works for 2 504 out of 2 512 keys. To the best of our knowledge, these are the best attacks against SHACAL-1.  ... 
doi:10.1007/978-3-319-28166-7_16 fatcat:ltcgqqdqjjb3pgbxiqb4aqrwey

Second-Order Differential Collisions for Reduced SHA-256 [chapter]

Alex Biryukov, Mario Lamberger, Florian Mendel, Ivica Nikolić
2011 Lecture Notes in Computer Science  
Our analysis also exposes flaws in all of the previously published related-key rectangle attacks on the SHACAL-2 block cipher, which is based on SHA-256.  ...  We provide valid rectangles for 48 steps of SHACAL-2.  ...  Application to SHACAL-2 In the past several related-key rectangle attacks have been published for the SHACAL-2 block cipher [11, 19, 23, 24, 38] .  ... 
doi:10.1007/978-3-642-25385-0_15 fatcat:p4det7oor5h5rntocdrstjvmjy

Cryptanalysis on Block Ciphers [chapter]

2015 Security of Block Ciphers  
rectangle attack on 44-round SHACAL-2. • A related-key rectangle attack on 36-round XTEA. • An impossible differential attack on 25-round reduced HIGHT, a related-key rectangle attack on 26-round reduced  ...  duct a related-key rectangle attack on the first 44 rounds of SHACAL-2.  ...  Summary In this chapter we have presented an impossible differential attack on 25-round HIGHT, a related-key rectangle attack on 26-round HIGHT, and a related-key impossible differential attack on 28-round  ... 
doi:10.1002/9781118660027.ch4 fatcat:zv7gnyul4rgrzhdvmzodgvarxa

Related-Key Boomerang and Rectangle Attacks: Theory and Experimental Analysis

Jongsung Kim, Seokhie Hong, Bart Preneel, Eli Biham, Orr Dunkelman, Nathan Keller
2012 IEEE Transactions on Information Theory  
We conclude that the probability assumptions underlying the technique make sense in real-life ciphers, and thus, related-key boomerang/rectangle attacks on block ciphers are valid in general.  ...  In 2004, we introduced the relatedkey boomerang and related-key rectangle attacks, which allow to enjoy the benefits of these two techniques simultaneously.  ...  Moreover, although an attack model in which the adversary has control over the key difference may seem unrealistic, a related-key differential attack on the block cipher TEA [42] was used to devise a  ... 
doi:10.1109/tit.2012.2191655 fatcat:pwzkgzabqzg2vngeebbf3stzfu

Related-Key Boomerang and Rectangle Attacks [chapter]

Eli Biham, Orr Dunkelman, Nathan Keller
2005 Lecture Notes in Computer Science  
This paper introduces the related-key boomerang and the related-key rectangle attacks. These new attacks can expand the cryptanalytic toolbox, and can be applied to many block ciphers.  ...  The paper ends with a demonstration of the strength of our new proposed techniques with attacks on 10-round AES-192 and the full KASUMI.  ...  We present a related-key rectangle attack on 10-round AES-192 requiring 2 119.2 chosen plaintexts encrypted under one of 64 related keys and time complexity of 2 185.2 memory accesses.  ... 
doi:10.1007/11426639_30 fatcat:lhriavcjofexjjbj46zrxkna6e

Slide Attack on Full-Round ULC Lightweight Block Cipher Designed for IoT

Kai Zhang, Xuejia Lai, Lei Wang, Jie Guan, Bin Hu, Jie Cui
2022 Security and Communication Networks  
In this paper, a slide attack on full-round ULC is proposed in a related key setting. First, two properties on ULC are discovered.  ...  The second property is introduced to construct a link between some round key bits and some master key bits. Based on these properties, a key recovery attack on ULC is proposed.  ...  cipher Rounds attacked/total rounds Data complexity Memory complexity Time complexity Number of related-keys ULC 15/15 O(2 32 ) O(2 32 ) O(2 63 ) 1  ... 
doi:10.1155/2022/4291000 fatcat:lilao7o5vfbhhdergbyjudwdya

A Key Selected S-Box Mechanism and Its Investigation in Modern Block Cipher Design

Jiqiang Lu, Hwajung Seo
2020 Security and Communication Networks  
In 1973, Feistel used a key selected S-box mechanism in his early block cipher designs, whose idea is to let each S-box have two different states and use a key bit to select which of the two states is  ...  In this paper, we revisit Feistel's key selected S-box mechanism, give a generalised version of Feistel's key selected S-box mechanism, compare it with existing close notions, and design the LBC example  ...  Boomerang and Rectangle Attacks.  ... 
doi:10.1155/2020/1457419 fatcat:4kvwfd2vmffdzp2gcanweemt4q

The Delicate Issues of Addition with Respect to XOR Differences [chapter]

Gaoli Wang, Nathan Keller, Orr Dunkelman
Selected Areas in Cryptography  
Our observations are then used to improve a related-key rectangle attack on IDEA by a factor of 2.  ...  We then present some modified differentials which lead to a related-key rectangle attack which can be applied to 2 504 weak keys.  ...  The related-key rectangle attack on 70-round SHACAL-1 [10] uses a 33-round related-key differential characteristic for rounds 0-32 with probability 2 −45 .  ... 
doi:10.1007/978-3-540-77360-3_14 dblp:conf/sacrypt/WangKD07 fatcat:35xlvmhjengwjh2iwsg2nuuzwq

A Unified Approach to Related-Key Attacks [chapter]

Eli Biham, Orr Dunkelman, Nathan Keller
Lecture Notes in Computer Science  
The boomerang attack [44] and the rectangle attack [5] were combined with related-key differentials to introduce the related-key boomerang and related-key rectangle attacks [7, 28, 35] .  ...  Finally, linear cryptanalysis [38] was also combined with related-key attacks to produce a related-key attack on 7.5-round IDEA [8] .  ...  The related-key rectangle technique was successfully applied to several block ciphers, including 10-round AES-192, 10-round AES-256, the full SHACAL-1, the full KASUMI, and 7-round IDEA.  ... 
doi:10.1007/978-3-540-71039-4_5 fatcat:c4rlwgr7lnb53gunnvmlfjgs34