Buchmann, Johannes ; Pyshkin, Andrei ; Weinmann, Ralf-Philipp (2006)
Block Ciphers Sensitive to Gröbner Basis Attacks.
RSA Conference 2006. San Jose, CA, USA (February 13-17, 2005)
doi: 10.1007/11605805_20
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
We construct and analyze Feistel and SPN ciphers that have a sound design strategy against linear and differential attacks but for which the encryption process can be described by very simple polynomial equations. For a block and key size of 128 bits, we present ciphers for which practical Gröbner basis attacks can recover the full cipher key requiring only a minimal number of plaintext/ciphertext pairs. We show how Gröbner bases for a subset of these ciphers can be constructed with neglegible computational effort. This reduces the key–recovery problem to a Gröbner basis conversion problem. By bounding the running time of a Gröbner basis conversion algorithm, FGLM, we demonstrate the existence of block ciphers resistant against differential and linear cryptanalysis but vulnerable against Gröbner basis attacks.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2006 |
| Autor(en): | Buchmann, Johannes ; Pyshkin, Andrei ; Weinmann, Ralf-Philipp |
| Art des Eintrags: | Bibliographie |
| Titel: | Block Ciphers Sensitive to Gröbner Basis Attacks |
| Sprache: | Deutsch |
| Publikationsjahr: | 2006 |
| Ort: | Berlin |
| Verlag: | Springer |
| Buchtitel: | Topics in Cryptology-CT-RSA 2006: The Cryptographers' Track at the RSA Conference 2006, San Jose, CA, USA, February 13-17, 2005, Proceedings |
| Reihe: | Lecture Notes in Computer Science |
| Band einer Reihe: | 3860 |
| Veranstaltungstitel: | RSA Conference 2006 |
| Veranstaltungsort: | San Jose, CA, USA |
| Veranstaltungsdatum: | February 13-17, 2005 |
| DOI: | 10.1007/11605805_20 |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | We construct and analyze Feistel and SPN ciphers that have a sound design strategy against linear and differential attacks but for which the encryption process can be described by very simple polynomial equations. For a block and key size of 128 bits, we present ciphers for which practical Gröbner basis attacks can recover the full cipher key requiring only a minimal number of plaintext/ciphertext pairs. We show how Gröbner bases for a subset of these ciphers can be constructed with neglegible computational effort. This reduces the key–recovery problem to a Gröbner basis conversion problem. By bounding the running time of a Gröbner basis conversion algorithm, FGLM, we demonstrate the existence of block ciphers resistant against differential and linear cryptanalysis but vulnerable against Gröbner basis attacks. |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra |
| Hinterlegungsdatum: | 20 Nov 2008 08:24 |
| Letzte Änderung: | 03 Dez 2024 09:31 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum