
Variants of the Distinguished Point Method for Cryptanalytic Time Memory Trade-Offs [chapter]

Jin Hong, Kyung Chul Jeong, Eun Young Kwon, In-Sok Lee, Daegun Ma
Information Security Practice and Experience  
Variants of the Distinguished Point Method for Cryptanalytic Time Memory Trade-offs (Full version) Jin Hong†, Kyung Chul Jeong‡, Eun Young  ...  2.2 Distinguished points: The distinguished point method was suggested by Rivest and issues concerning its practical use were investigated in [8, 15].  ... 
doi:10.1007/978-3-540-79104-1_10 dblp:conf/ispec/HongJKLM08 fatcat:2vmepow4d5dihoahb5k4dbvvlu

Characterization and Improvement of Time-Memory Trade-Off Based on Perfect Tables

Gildas Avoine, Pascal Junod, Philippe Oechslin
2008 ACM Transactions on Privacy and Security  
Cryptanalytic time-memory trade-offs have been studied for twenty five years and have benefited from several improvements since the original work of Hellman.  ...  The idea of a time-memory trade-off is to find a trade-off between the exhaustive search and the exhaustive storage.  ...  Thus, if there are N possible solutions to a given problem, a time-memory trade-off can solve it with This journal paper is an extended version of Time-Memory Trade-Offs: False Alarm Detection Using Checkpoints  ... 
doi:10.1145/1380564.1380565 fatcat:tmo3dvtinrd2bbkuhmrapolgxm

Making a Faster Cryptanalytic Time-Memory Trade-Off [chapter]

Philippe Oechslin
2003 Lecture Notes in Computer Science  
In 1980 Martin Hellman described a cryptanalytic time-memory trade-off which reduces the time of cryptanalysis by using precalculated data stored in memory.  ...  Moreover, since the method does not make use of distinguished points, it reduces the overhead due to the variable chain length, which again significantly reduces the number of calculations.  ...  Acknowledgements The author wishes to thank Maxime Mueller for implementing a first version of the experiment.  ... 
doi:10.1007/978-3-540-45146-4_36 fatcat:nnusgxkdqreklpwu5zrz2sp744

Quantum Time/Memory/Data Tradeoff Attacks [article]

Orr Dunkelman, Nathan Keller, Eyal Ronen, Adi Shamir
2021 IACR Cryptology ePrint Archive  
One of the most celebrated and useful cryptanalytic algorithms is Hellman's time/memory tradeoff (and its Rainbow Table variant), which can be used to invert random-looking functions on N possible values  ...  When we generalize the cryptanalytic problem to a time/memory/data tradeoff attack (in which one has to invert f for at least one of D given values), we get the generalized curve $T^{4/3} M^2 D^2 = N^2$.  ...  We thank the following people for the insightful discussions: Rotem Arnon-Friedman, Gustavo Banegas, Daniel J. Bernstein, Tal Mor, and María Naya-Plasencia.  ... 
dblp:journals/iacr/DunkelmanKRS21 fatcat:mfm63zhcn5a4lnjdqjztzkntpu

Heterogeneous Rainbow Table Widths Provide Faster Cryptanalyses

Gildas Avoine, Xavier Carpent
2017 Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17  
Cryptanalytic time-memory trade-offs are techniques introduced by Hellman in 1980 to speed up exhaustive searches.  ...  We stress that the optimal width of each rainbow table should be individually - although not independently - calculated. So it goes for the memory allocated to each table.  ...  Acknowledgments Xavier Carpent was supported, in part, by a fellowship of the Belgian American Educational Foundation.  ... 
doi:10.1145/3052973.3053030 dblp:conf/ccs/AvoineC17 fatcat:esihh2cr3vcevjtqfcdhs4zvji

A New Variant of Time Memory Trade-Off on the Improvement of Thing and Ying's Attack [chapter]

Zhenqi Li, Yao Lu, Wenhao Wang, Bin Zhang, Dongdai Lin
2012 Lecture Notes in Computer Science  
We find that the cryptanalysis time of their attack is too high to be practical. We also propose a more general time memory trade-off by combining the distinguished points strategy with TY attack.  ...  Both theoretical analysis and experimental results show that our new design can save about 53.7% cryptanalysis time compared to TY attack and can reduce about 35.2% storage requirement compared to the  ...  Cryptanalytic time memory trade-off (TMTO) is a technique that comes between these two extremes.  ... 
doi:10.1007/978-3-642-34129-8_28 fatcat:r5lwvqassjhspibxanfool3zlq

The Full Cost of Cryptanalytic Attacks

Michael J. Wiener
2004 Journal of Cryptology  
An open question about the asymptotic cost of connecting many processors to a large memory using three dimensions for wiring is answered, and this result is used to find the full cost of several cryptanalytic  ...  The full costs of several cryptanalytic attacks are determined, including Shanks' method for computing discrete logarithms in cyclic groups of prime order n, which requires $n^{1/2+o(1)}$ processor steps,  ...  Acknowledgments I thank Eran Tromer, Arnold Rosenberg, Arjen Lenstra, Bart Preneel, and the anonymous referees for helpful comments on drafts of this paper.  ... 
doi:10.1007/s00145-003-0213-5 fatcat:betpvbsrozhpxa2fz2kryc6au4

Improving Implementable Meet-in-the-Middle Attacks by Orders of Magnitude [chapter]

Paul C. van Oorschot, Michael J. Wiener
1996 Lecture Notes in Computer Science  
For n the cardinality of the space that each half of the secret is chosen from ($n = 2^{56}$ for double-DES), and w the number of words of memory available for an attack, a technique based on parallel collision  ...  For the example of double-DES, an attacker with 16 Gbytes of memory could recover a pair of DES keys in a known-plaintext attack with 570 times fewer encryptions and $3.7 \times 10^{6}$ times fewer memory accesses  ...  We would also like to thank anonymous members of the Crypto'96 Program Committee whose comments contributed to an improved presentation of this material.  ... 
doi:10.1007/3-540-68697-5_18 fatcat:myzu5vfpwbfdhc3saexjnycx2m

Using the Cloud to Determine Key Strengths [chapter]

Thorsten Kleinjung, Arjen K. Lenstra, Dan Page, Nigel P. Smart
2012 Lecture Notes in Computer Science  
Over time the resulting data points will provide valuable insight in the selection of cryptographic key sizes.  ...  allowing for improvements such as of new algorithmic approaches.  ...  The best generic algorithm for collision search is the parallel "distinguished points" method of van Oorschot and Wiener [28].  ... 
doi:10.1007/978-3-642-34931-7_3 fatcat:q2gdyrgspbgrni567kz2rqgzl4

The Cost to Break SIKE: A Comparative Hardware-Based Analysis with AES and SHA-3 [article]

Patrick Longa, Wen Wang, Jakub Szefer
2020 IACR Cryptology ePrint Archive  
computing and memory costs that are needed for cryptanalysis.  ...  In this effort, we design especially tailored hardware accelerators for the time-critical isogeny computations that we use to model an ASIC-powered instance of the van Oorschot-Wiener (vOW) parallel collision  ...  Finally, we thank Craig Costello and Michael Naehrig for proofreading an early version of this paper and for their valuable feedback.  ... 
dblp:journals/iacr/LongaWS20 fatcat:4denq3sax5e73g3iwqn42mmtry

Applying Time-Memory-Data Trade-Off to Plaintext Recovery Attack [chapter]

Zhenqi Li, Bin Zhang, Yao Lu, Jing Zou, Dongdai Lin
2012 Lecture Notes in Computer Science  
In this paper, we propose a new attack for block ciphers by applying the well known time-memory-data (TMD) trade-off to plaintext recovery attack (PRA), thus creating two new schemes: TMD-PRA-I and TMD-PRA-II  ...  Compared with the traditional trade-off attacks, these two schemes possess several robust properties which can greatly increase the success probability and enhance the process of analysis.  ...  The basic idea of a time-memory trade-off (TMTO) is to find a trade-off between the exhaustive search and the exhaustive storage.  ... 
doi:10.1007/978-3-642-34129-8_29 fatcat:4vrvloq2n5axlgyvcp3vonndxa

Cryptanalysis with COPACOBANA

Tim Güneysu, Timo Kasper, Martin Novotný, Christof Paar, Andy Rupp
2008 IEEE transactions on computers  
Furthermore, we describe time-memory trade-off techniques that can, e.g., be used for attacking the popular A5/1 algorithm used in GSM voice encryption.  ...  ratio than off-the-shelf computers.  ...  and Stefan Spitz, for their tremendous help on our work with COPACOBANA and its applications.  ... 
doi:10.1109/tc.2008.80 fatcat:pl4gthjisjgond3au5qrracuju

The DBlock family of block ciphers

WenLing Wu, Lei Zhang, XiaoLi Yu
2015 Science China Information Sciences  
For key schedule of DBlock, it basically employs the same module used in encryption, except the choice of different byte permutations, which can improve its suitability for various implementation environments  ...  In this paper, we propose a new family of block ciphers named DBlock. It consists of three variants which are specified as respectively. DBlock-n has the equal n-bit block length and key length.  ...  The choice of SA structure in function T represents our consideration on performance and security trade-off.  ... 
doi:10.1007/s11432-014-5219-0 fatcat:kmj5v65jijgmpa3kygk25geyh4

Integral Distinguishers of the Full-Round Lightweight Block Cipher SAT_Jo

Xueying Qiu, Yongzhuang Wei, Samir Hodzic, Enes Pasalic, Chien Ming Chen
2021 Security and Communication Networks  
, we show that this method provides distinguishers for a full-round block cipher SAT_Jo.  ...  By specifying integral distinguishers for the full-round SAT_Jo algorithm using this method, we essentially disapprove its use in intended applications.  ...  Table 5 shows other cryptanalytic results for SAT_Jo. The key recovery attack on SAT_Jo: in order to perform a key recovery attack on the full-round SAT_Jo cipher, one can use the 30-round distinguisher  ... 
doi:10.1155/2021/5310545 fatcat:shkiztfqqjh37lukklkwbergja

Cache Attacks and Countermeasures: The Case of AES [chapter]

Dag Arne Osvik, Adi Shamir, Eran Tromer
2006 Lecture Notes in Computer Science  
This leakage reveals memory access patterns, which can be used for cryptanalysis of cryptographic primitives that employ data-dependent table lookups.  ...  We describe several software side-channel attacks based on inter-process leakage through the state of the CPU's memory cache.  ...  Bernstein for suggesting the investigation of remote attacks, and to Eli Biham and Paul Karger for directing us to references [8] and [7] respectively.  ... 
doi:10.1007/11605805_1 fatcat:u3yllq7abfaqthhwfl6dbm3k5a