Introduction Low Data Complexity Cryptanalysis Symbolic Tools Results Conclusion

111

pages

English

Documents

Écrit par
Charles Bouillaguet

Publié par
pefav

Lire un extrait

Obtenez un accès à la bibliothèque pour le consulter en ligne En savoir plus

Découvre YouScribe en t'inscrivant gratuitement

Je m'inscris

Découvre YouScribe en t'inscrivant gratuitement

Je m'inscris

111

pages

English

Documents

Lire un extrait

Obtenez un accès à la bibliothèque pour le consulter en ligne En savoir plus

Publié par

pefav

Nombre de lectures

Langue

English

Poids de l'ouvrage

4 Mo

results conclusion

block-cipher cryptanalysis

?? ?

key schedule

introduction low-data

complexity cryptanalysis

symbolic tools

Voir

Publié par

pefav

Nombre de lectures

Langue

English

Poids de l'ouvrage

4 Mo

Introduction Low-Data Complexity Cryptanalysis Symbolic Tools Results Conclusion
Symbolic Methods for the Automatic Search
of Attacks Against Some Block Ciphers
Charles Bouillaguet
(joint work with Patrick Derbez and Pierre-Alain Fouque)
Université de Versailles St-Quentin en Yvelines
LSV Seminar
November 15, 2011Introduction Low-Data Complexity Cryptanalysis Symbolic Tools Results Conclusion
A(VeryBrief)IntroductiontoCryptography: Encryption
5c14ff5cc3225fb9e5ae8919671e23b6
K K
??
???Introduction Low-Data Complexity Cryptanalysis Symbolic Tools Results Conclusion
Block-CipherCryptanalysis: theObject
a Block Cipher
k n nE :f0, 1g f0, 1g !f0, 1g
| {z } | {z } | {z }
key plaintext ciphertext
plaintext
key
ciphertextIntroduction Low-Data Complexity Cryptanalysis Symbolic Tools Results Conclusion
Block-CipherCryptanalysis: theObject
Plaintext
k0
Round
k1
Round
k2
RoundKey ScheduleK
kr
Round
CiphertextIntroduction Low-Data Complexity Cryptanalysis Symbolic Tools Results Conclusion
Block-CipherCryptanalysis: theObject
Plaintext
k0
Round
k1
Round
k2
RoundKey ScheduleK
kr
Round
CiphertextIntroduction Low-Data Complexity Cryptanalysis Symbolic Tools Results Conclusion
Block-CipherCryptanalysis: theSubject
an Attacker
I Goal :
I In Theory: distinguishfromrandompermutation
I In Practice: recoverthesecretkey
I Resources:
kI Time: less than 2 encryptions
nI Data: less than 2 plaintext/ciphertext pairsIntroduction Low-Data Complexity Cryptanalysis Symbolic Tools Results Conclusion
Block-CipherCryptanalysis: theGame
?? ?
? ? plaintext
ciphertextIntroduction Low-Data Complexity Cryptanalysis Symbolic Tools Results Conclusion
Block-CipherCryptanalysis: theGame
?? ?
? ? plaintext
ciphertextIntroduction Low-Data Complexity Cryptanalysis Symbolic Tools Results Conclusion
Block-CipherCryptanalysis: theGame
?? ?
? ? plaintext
K
ciphertextIntroduction Low-Data Complexity Cryptanalysis Symbolic Tools Results Conclusion
WhatCanWeDoWhenBlockCiphersAreTooStrongForUs?
I Solution#1:
I weakenit, thenbreakit
PlaintextI reduce number of rounds
k0
Round
k1
Round
k2
RoundKey ScheduleK
kr
Round
Ciphertext

Voir