An improvement of Davies’ attack on DES

  title={An improvement of Davies’ attack on DES},
  author={Eli Biham and Alex Biryukov},
  journal={Journal of Cryptology},
In this paper we improve Davies’ attack [2] on DES to become capable of breaking the full 16-round DES faster than the exhaustive search. Our attack requires 250 known plaintexts and 250 complexity of analysis. If independent subkeys are used, a variant of this attack can find 26 bits out of the 768 key bits using 252 known plaintexts. All the 768 bits of the subkeys can be found using 260 known plaintexts. The data analysis requires only several minutes on a SPARC workstation. Therefore, this… 
Improved Davies-Murphy's Attack on DES Revisited
This paper revisit the recent improved Davies-Murphy's attack by Jacques and Muller from an algorithmic point of view and gives an improved attack algorithm based on Matsui's algorithm 2, which seems that the results of the time and memory complexities are optimal.
Improved Meet-in-the-Middle Attacks on Reduced-Round DES
The strength of DES against attacks that use a limited number of plaintexts and ciphertexts is investigated by mounting meet-in-the-middle attacks on reduced-round DES.
New Lightweight DES Variants
A new block cipher, DESL (DES Lightweight), which is based on the classical DES (Data Encryption Standard) design, but unlike DES it uses a single S-box repeated eight times, which is well suited for ultra-constrained devices such as RFID tags.
Conditional Linear Cryptanalysis - Cryptanalysis of DES with Less Than 242 Complexity
A new extension of linear cryptanalysis that may reduce the complexity of attacks by conditioning linear approximations on other linear approxIMations is introduced and can lead to improvements of attacks, which may require fewer known plaintexts and time of analysis.
Cryptanalysis of some block ciphers
A different implementation of DES is discovered when it is used multiple linear approximations in Differential-Linear cryptanalysis of 8-round DES which gives experimental result comparable to previously known result based on similar attack.
Techniques for Cryptanalysis of Block Ciphers
The authors describe the cryptanalytic toolbox for block ciphers and covers both the underlying concepts at the heart of these attacks and the mathematical foundations of the analysis itself.
Fault Analysis of the KATAN Family of Block Ciphers
This paper investigates the security of the KATAN family of block ciphers against differential fault attacks and shows how to identify the exact position of faulty bits within the internal state by precomputing difference characteristics for each bit position at a given round.
A True Random-Number Encryption Method
This paper proposes a more secure encryption method, called the True Random Number Encryption Method (TRNEM), which employs true random numbers, the time parameters, and coated cipher text as the parameters of the encryption process to increase the security level of a system.
A true Random-Number Encryption Method employing block cipher and PRNG
This paper proposes a more secure encryption method, called the TRNEM, which employs current time, true random numbers and system security codes as parameters of the encryption process to increase the security level of a system.
Statistical and Algebraic Properties of DES
It is shown that there are only 72 different distributions for S-boxes 4, 5 and 6, and the distributions from S-box triplets are linearly dependent and the dependencies are described.


Differential Cryptanalysis of the Data Encryption Standard
This book introduces a new cryptographic method, called differential cryptanalysis, which can be applied to analyze cryptosystems, and describes the cryptanalysis of DES, deals with the influence of its building blocks on security, and analyzes modified variants.
Linear Cryptanalysis Method for DES Cipher
  • M. Matsui
  • Computer Science, Mathematics
  • 1993
A new method is introduced for cryptanalysis of DES cipher, which is essentially a known-plaintext attack, that is applicable to an only-ciphertext attack in certain situations.
Pairs and triplets of DES S-boxes
This paper describes an investigation of a potential weakness in DES which leads to a statistical property observable in plaintext/ciphertext pairs and dependent on the key. However, the number of
Investigation of a Potential Weakness in the DES Algorithm
  • pri- vate communications,
  • 1987
How to Strengthen DES Against Dif- ferential Attacks
  • 1994