Documente Academic
Documente Profesional
Documente Cultură
Ivica Nikolić
17 August 2012
1 Introduction
2 Definition of Cryptanalysis
5 Conclusion
Symmetric Primitives
Hash Functions
10101011101000101
11010001010001011
01010111010000101
10010100101110101
00011010101000101 H 101010111010101011
10101011101000101
01010111101000010
00101010111010101
Three properties:
? = ?
1 Collisions resistance
2 Preimage resistance
H H
3 Second-preimage resistance
Secure if it has these properties + no H(x)
”non-randomness”
Three properties:
?
1 Collisions resistance
2 Preimage resistance
H
3 Second-preimage resistance
Secure if it has these properties + no H(x)
”non-randomness”
Three properties:
x = ?
1 Collisions resistance
2 Preimage resistance
H H
3 Second-preimage resistance
Secure if it has these properties + no H(x)
”non-randomness”
Block Ciphers
Block Ciphers
Block Ciphers
1 Introduction
2 Definition of Cryptanalysis
5 Conclusion
What is Cryptanalysis
What is Cryptanalysis
Definition of Attack
Definition of Attack
1 Introduction
2 Definition of Cryptanalysis
5 Conclusion
History
Other Techniques
Output: Ciphertext C
P P + ∆P
Differential analysis – the most popular
form of attack. Find specific differences
∆P , ∆C s.t.:
K E K E
plaintexts (P,P ⊕ ∆P )
↓
ciphertexts (C ,C ⊕ ∆C )
C C + ∆C
...
A key schedule from the master key
produces round keys (subkeys)
01011 ... 01
0
10110 ... 11
11100 ... 00
Differential characteristic – 0
0 10101 ... 11
round-by-round propagation of some initial 0
00010 ... 01
difference 0 KS
10110 ... 00
01011 ... 01
10...11
10110 ... 11
11100 ... 00
Differential characteristic – 00...10
difference
Related-key differential characteristic - ...
11...10
difference in the key as well 10001 ... 10
10...11
10110 ... 00
10110 ... 00
Linear Attack
Meet-in-the-middle Attack
Meet-in-the-middle Attack
Rotational Attack
1 Introduction
2 Definition of Cryptanalysis
5 Conclusion
Modern Proposals
The Designer
The Analyst
Proposal Teams
To achieve security:
The old transforms should already been analyzed in the past
The new transforms can be used only if they add to the
security
To achieve efficiency:
No redundant operations
Carefully chosen number of rounds
1 Introduction
2 Definition of Cryptanalysis
5 Conclusion
Conclusion