scholarly journals How Many Weak-Keys Exist in T-310 ?

2019 ◽  
Vol 73 (1) ◽  
pp. 61-82
Author(s):  
Nicolas T. Courtois ◽  
Matteo Scarlata ◽  
Marios Georgiou
Keyword(s):  
Cold War ◽  
Block Cipher ◽  
Internal State ◽  
Differential Cryptanalysis ◽  
Linear Cryptanalysis ◽  
Vast Number ◽  
Weak Keys ◽  
Slide Attacks ◽  
Slide Attack ◽  
Decryption Oracle

Abstract T-310 is an important Cold War cipher. The cipher is extremely complex and it outputs extremely few bits from the internal state. A recent paper [Courtois, N. T.: Decryption oracle slide attacks on T-310, Cryptologia, 42 (2018), no. 3, 191–204] shows an example of a highly anomalous key such that T-310 can be broken by a slide attack with a decryption oracle. In this paper, we show that the same attacks are ALSO possible for regular keys which satisfy all the official KT1 requirements. Two other recent papers [Courtois, N. T.—Georgiou, M.—Scarlata, M.: Slide attacks and LC-weak keys in T-310, Cryptologia 43 (2019), no. 3, 175–189]; [Courtois, N. T.—Oprisanu, M. B.—Schmeh, K.: Linear cryptanalysis and block cipher design in East Germany in the 1970s, Cryptologia (published online), December 5, 2018] show that some of the KT1 keys are very weak w.r.t. Linear Cryptanalysis. In this paper, we show that a vast number of such weak keys exist and study the exact pre-conditions which make them weak. In addition we introduce a new third class of weak keys for RKDC (Related-Key Differential Cryptanalysis). We show that the original designers in the 1970s have ensured that these RKDC properties cannot happen for 4 rounds. We have discovered that these properties can happen for as few as 5 rounds for some keys, and for 10 to 16 rounds they become hard to avoid. The main reason why we study weak keys is to show that none of these properties occur by accident, rather that they are governed by precise pre-conditions which guarantee their existence, and countless other keys with the same properties exist. Eventually, this is how interesting attacks can be found.

scholarly journals Crypto-Archaeology: unearthing design methodology of DES s-boxes

2017 ◽  
Author(s):  
Sankhanil Dey ◽  
Ranjan Ghosh
Keyword(s):  
Boolean Function ◽  
Boolean Functions ◽  
Design Methodology ◽  
Block Cipher ◽  
Block Ciphers ◽  
Public Domain ◽  
Differential Cryptanalysis ◽  
Linear Cryptanalysis ◽  
Strict Avalanche Criterion ◽  
Independence Criterion

US defence sponsored the DES program in 1974 and released it in 1977. It remained as a well-known and well accepted block cipher until 1998. Thirty-two 4-bit DES S-Boxes are grouped in eight each with four and are put in public domain without any mention of their design methodology. S-Boxes, 4-bit, 8-bit or 32-bit, find a permanent seat in all future block ciphers. In this paper, while looking into the design methodology of DES S-Boxes, we find that S-Boxes have 128 balanced and non-linear Boolean Functions, of which 102 used once, while 13 used twice and 92 of 102 satisfy the Boolean Function-level Strict Avalanche Criterion. All the S-Boxes satisfy the Bit Independence Criterion. Their Differential Cryptanalysis exhibits better results than the Linear Cryptanalysis. However, no S-Boxes satisfy the S-Box-level SAC analyses. It seems that the designer emphasized satisfaction of Boolean-Function-level SAC and S-Box-level BIC and DC, not the S-Box-level LC and SAC.

scholarly journals Crypto-Archaeology: unearthing design methodology of DES s-boxes

2017 ◽  
Author(s):  
Sankhanil Dey ◽  
Ranjan Ghosh
Keyword(s):  
Boolean Function ◽  
Boolean Functions ◽  
Design Methodology ◽  
Block Cipher ◽  
Block Ciphers ◽  
Public Domain ◽  
Differential Cryptanalysis ◽  
Linear Cryptanalysis ◽  
Strict Avalanche Criterion ◽  
Independence Criterion

US defence sponsored the DES program in 1974 and released it in 1977. It remained as a well-known and well accepted block cipher until 1998. Thirty-two 4-bit DES S-Boxes are grouped in eight each with four and are put in public domain without any mention of their design methodology. S-Boxes, 4-bit, 8-bit or 32-bit, find a permanent seat in all future block ciphers. In this paper, while looking into the design methodology of DES S-Boxes, we find that S-Boxes have 128 balanced and non-linear Boolean Functions, of which 102 used once, while 13 used twice and 92 of 102 satisfy the Boolean Function-level Strict Avalanche Criterion. All the S-Boxes satisfy the Bit Independence Criterion. Their Differential Cryptanalysis exhibits better results than the Linear Cryptanalysis. However, no S-Boxes satisfy the S-Box-level SAC analyses. It seems that the designer emphasized satisfaction of Boolean-Function-level SAC and S-Box-level BIC and DC, not the S-Box-level LC and SAC.

scholarly journals Distribusi Difference dari S-Box Berbasis Fungsi Balikan Pada GF(28)

2016 ◽  
Vol 6 (2) ◽  
pp. 93
Author(s):  
Andriani Adi Lestari ◽  
Nunik Yulianingsih
Keyword(s):  
Finite Field ◽  
High Probability ◽  
Block Cipher ◽  
Basic Component ◽  
Differential Cryptanalysis ◽  
Linear Cryptanalysis ◽  
Affine Transformations ◽  
Maximum Difference ◽  
Substitution Box ◽  
Inverse Mapping

Substitution-box (s-box) is a basic component of block cipher which performs a substitution. Two powerful cryptanalysis techniques applied to block ciphers are linear cryptanalysis and differential cryptanalysis. The resistance against differential cryptanalysis can be achieved by eliminating high-probability differential trails. We should choose an s-box where the maximum difference propagation probability is as small as possible to eliminating high-probability differential trails. Nyberg proposed a method to construct the s-box by using the inverse mapping on a finite field then implements affine transformations on . In this study, we generate 47.104 s-box according to Nyberg. The experimental results showed that s-boxes have the maximum difference propagation probability with the same frequency.

scholarly journals Towards Key-recovery-attack Friendly Distinguishers: Application to GIFT-128

2021 ◽  
pp. 156-184
Author(s):  
Rui Zong ◽  
Xiaoyang Dong ◽  
Huaifeng Chen ◽  
Yiyuan Luo ◽  
Si Wang ◽  
...  
Keyword(s):  
Block Cipher ◽  
Recovery Process ◽  
Low Complexity ◽  
Differential Cryptanalysis ◽  
Linear Cryptanalysis ◽  
Linear Hull ◽  
Differential Attack ◽  
Key Recovery ◽  
Key Recovery Attack

When analyzing a block cipher, the first step is to search for some valid distinguishers, for example, the differential trails in the differential cryptanalysis and the linear trails in the linear cryptanalysis. A distinguisher is advantageous if it can be utilized to attack more rounds and the amount of the involved key bits during the key-recovery process is small, as this leads to a long attack with a low complexity. In this article, we propose a two-step strategy to search for such advantageous distinguishers. This strategy is inspired by the intuition that if a differential is advantageous only when some properties are satisfied, then we can predefine some constraints describing these properties and search for the differentials in the small set.As applications, our strategy is used to analyze GIFT-128, which was proposed in CHES 2017. Based on some 20-round differentials, we give the first 27-round differential attack on GIFT-128, which covers one more round than the best previous result. Also, based on two 17-round linear trails, we give the first linear hull attack on GIFT-128, which covers 22 rounds. In addition, we also give some results on two GIFT-128 based AEADs GIFT-COFB and SUNDAE-GIFT.

“Bridges of Reconciliation”

2019 ◽  
pp. 96-127
Author(s):  
Petra Goedde
Keyword(s):  
Human Rights ◽  
Cold War ◽  
Internal State ◽  
The Political ◽  
Religious Groups ◽  
Universal Code ◽  
Peace Activism ◽  
The Cold War ◽  
Politically Active ◽  
Political Realm

A host of religious individuals and groups became politically active on behalf of world peace at the height of the Cold War. Those groups tried to add a religious dimension to the debates about Cold War international relations, while at the same time pushing the religious conceptualization of peace into the political realm. The Cold War turned religious groups and individuals into political activists. These activists still promulgated peace as an internal state of spiritual harmony, common to many of the world’s largest religions, including Christianity, Judaism, and Hinduism. But they added a new dimension that stressed its communal, political, and global aspirations. They merged the ideals of peace activism and ecumenism in the postwar world by relying on the universal code enshrined in the global human rights agenda, doing so a decade before the secular human rights revolution erupted in the 1970s.

scholarly journals Related-Key Differential Cryptanalysis of the Reduced-Round Block Cipher GIFT

IEEE Access ◽  
2019 ◽  
Vol 7 ◽  
pp. 175769-175778 ◽  
Author(s):  
Meichun Cao ◽  
Wenying Zhang
Keyword(s):  
Block Cipher ◽  
Differential Cryptanalysis
Sign in / Sign up

Export Citation Format

Share Document