Differential Cryptanalysis - Modern Cryptanalysis: Techniques for Advanced Code Breaking

Cryptography Reference

In-Depth Information

keys the same, is immune to this attack, as the differential would carry into the first and last steps of both en-

cryption and decryption.

Finally, the authors of Reference [8] give some guidance on how to avoid related-key attacks.

First, avoid using key-exchange algorithms that do not have key integrity; always check the key before using

it blindly to encrypt something and broadcasting it.

Second, making efforts to not derive round keys in such linear manners will go a long way. The authors make

a very good suggestion of running the key first through a cryptographic hash function, such as SHA-1, and then

using it to derive a key schedule. Any sufficiently strong hash function will obliterate any structures that may

have been artificially induced, preventing them from meaningfully modifying the ciphertext.

7.17 Summary

In this chapter, I demonstrated many modern differential attacks against modern ciphers. The standard differen-

tial attack has been extended and studied extensively over the past two decades and continues to be in confer-

ences and papers every year.

There is always more to learn in the field of cryptanalysis. This topic only covered some of the more popular

and influential topics in the field. To the reader wanting to learn even more about the field, you can look through

the archives and current issues of The Journal of Cryptology, Cryptologia, the proceedings of conferences such

as CRYPTO, EUROCRYPT, ASIACRYPT, Fast Software Encryption, and many others.

Again, we must reiterate, though: The best way to become a better cryptanalyst is to practice, practice, prac-

tice!

Exercises

Exercise 1

ChangetheS-boxandP-boxoftheEASY1ciphertorandomlygeneratedvalues.Usetheanalysisinthischapter

to create a differential attack on this for three rounds.

Exercise 2

Use the basic one-round version of the cipher from the previous exercise as a round function to a simple Feistel

cipher. Use a simple key schedule, such as using the same 36-bit key every round.

Use differential cryptanalysis to break this Feistel cipher for eight rounds. Give analysis for how many plain-

text-ciphertext pairs this will require.

Exercise 3

Perform a differential analysis of the S-boxes of DES. Discuss your results.

Search WWH ::

Custom Search

Home