Bulygin, Stanislav ; Walter, Michael ; Buchmann, Johannes
Hrsg.: Dawson, E. (2013)
Many weak keys for PRINTcipher: fast key recovery and countermeasures.
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
In this paper we investigate the invariant property of PRINTcipher first discovered by Leander et al. in their CRYPTO 2011 paper. We provide a complete study and show that there exist 64 families of weak keys for PRINTcipher-48 and as many as 115,669 for PRINTcipher-96. Moreover, we show that searching the weak key space may be substantially sped up by splitting the search into two consecutive steps. We show that for many classes of weak keys, key recovery can be done with very small time complexity in the chosen/known plaintext scenario. This shows that the cipher is actually much more vulnerable to this type of attacks than was even thought previously. Still, effective countermeasures exist against the attack. The method of finding all weak key families has value on its own. It is based on Mixed Linear Integer Programming and can be adapted to solving other interesting problems on similar ciphers.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2013 |
| Herausgeber: | Dawson, E. |
| Autor(en): | Bulygin, Stanislav ; Walter, Michael ; Buchmann, Johannes |
| Art des Eintrags: | Bibliographie |
| Titel: | Many weak keys for PRINTcipher: fast key recovery and countermeasures |
| Sprache: | Englisch |
| Publikationsjahr: | Februar 2013 |
| Verlag: | Springer |
| Buchtitel: | RSA Conference Cryptographer's Track (CT-RSA 2013) |
| Reihe: | Lecture Notes in Computer Science |
| Band einer Reihe: | 7779 |
| Kurzbeschreibung (Abstract): | In this paper we investigate the invariant property of PRINTcipher first discovered by Leander et al. in their CRYPTO 2011 paper. We provide a complete study and show that there exist 64 families of weak keys for PRINTcipher-48 and as many as 115,669 for PRINTcipher-96. Moreover, we show that searching the weak key space may be substantially sped up by splitting the search into two consecutive steps. We show that for many classes of weak keys, key recovery can be done with very small time complexity in the chosen/known plaintext scenario. This shows that the cipher is actually much more vulnerable to this type of attacks than was even thought previously. Still, effective countermeasures exist against the attack. The method of finding all weak key families has value on its own. It is based on Mixed Linear Integer Programming and can be adapted to solving other interesting problems on similar ciphers. |
| Freie Schlagworte: | Secure Data;PRINTcipher, invariant coset attack, mixed integer linear programming, weak keys, chosen plaintext attack, key recovery |
| ID-Nummer: | TUD-CS-2013-0002 |
| Fachbereich(e)/-gebiet(e): | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt 20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra 20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra > Kryptoanalyse und Seitenkanalangriffe (CSCA) LOEWE > LOEWE-Zentren 20 Fachbereich Informatik LOEWE |
| Hinterlegungsdatum: | 30 Dez 2016 20:23 |
| Letzte Änderung: | 17 Mai 2018 13:02 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum