Differential Cryptanalysis of the Data Encryption Standard

@inproceedings{Biham1993DifferentialCO,
  title={Differential Cryptanalysis of the Data Encryption Standard},
  author={Eli Biham and Adi Shamir},
  booktitle={Springer New York},
  year={1993}
}
DES, the Data Encryption Standard, is one of several cryptographic standards. The authors of this text detail their cryptanalytic "attack" upon DES and several other systems, using creative and novel tactics to demonstrate how they broke DES up into 16 rounds of coding. The methodology used offers valuable insights to cryptographers and cryptanalysts alike in creating new encryption standards, strengthening current ones, and exploring new ways to test important data protection schemes. This… 
An experiment on DES statistical cryptanalysis
TLDR
A new heuristic method has found an attack against DES absolutely equivalent to M. Matsui's (1994) one by following a distinct path and appears to be roughly as efficient as both differential and linear cryptanalysis.
Cryptanalysis of Block Ciphers: A Survey
TLDR
This report summarizes readings in the area of the crypt- analysis of block ciphers and tries to list and give an intuitive description of the most important cryptanalytic techniques published up to 2002.
Cryptanalysis of Block Ciphers
TLDR
This thesis proposes a new extension of differential cryptanalysis, which is called the impossible boomerang attack, and describes the early abort technique for (related-key) impossible differential crypt analysis and rectangle attacks.
Variants of Differential and Linear Cryptanalysis
TLDR
The steps to find distinguisher and steps to recover key of all variants of differential and linear attacks developed till today are illustrated.
Linear and differential cryptanalysis of DES
Introduction The most widely used encryption scheme is based on the Data Encryption Standard (DES) adopted in 1977 by the National Bureau of Standards, now the National Institute of Standards and
Enhancing Differential-Linear Cryptanalysis
TLDR
This paper presents an enhancement of differential-linear cryptanalysis in which the inherited linear probability is smaller than 1, and uses this extension to describe a differential- linear distinguisher for a 7-round reducedversion of DES, and to present the best known key-recovery attack on a 9- round reduced- version of DES.
Differential cryptanalysis of Lucifer
TLDR
A new extension of differential cryptanalysis is devised to extend the class of vulnerable cryptosystems, and suggests key-dependent characteristics, called conditional characteristics, selected to increase the characteristics' probabilities for keys in subsets of the key space.
CAES Cryptosystem: Advanced Security Tests and Results
TLDR
Results of robustness and security tests conducted on the CAES (Cellular automata Encryption System) cryptosystem concluded that the cryptosSystem CAES gives a pseudo-random output regardless the input.
Differential Cryptanalysis of Lucifer
TLDR
This paper introduces a new extension of differential cryptanalysis, devised to extend the class of vulnerable cryptosystems, and suggests key-dependent characteristics, called conditional characteristics, selected to enlarge the characteristics' probabilities for keys in subsets of the key space.
Techniques for Cryptanalysis of Block Ciphers
TLDR
The authors describe the cryptanalytic toolbox for block ciphers and covers both the underlying concepts at the heart of these attacks and the mathematical foundations of the analysis itself.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 33 REFERENCES
Improving Resistance to Differential Cryptanalysis and the Redesign of LOKI
TLDR
It is shown that an XOR profile with carefully placed zeroes is required in order to avoid some variant forms of differential cryptanalysis, and permutation P needs to be chosen to prevent easy propagation of a constant XOR value back into the same S-box.
A Statistical Attack of the FEAL-8 Cryptosystem
TLDR
This paper presents a chosen plaintext cryptanalysis of the FEAL-8 cryptosystem, and states that some differential statistics for intermediate values of the data randomizer are non uniform and independent of the encryption key.
LOKI - A Cryptographic Primitive for Authentication and Secrecy Applications
TLDR
The LOKI primitive may be used in any mode of operation currently defined for ISO DEA-1, with which it is interface compatible, and two modes of operation which compute a 64-bit and 128-bit, Message Authentication Code (or hash value).
Lucifer, a Cryptographic Algorithm
  • A. Sorkin
  • Computer Science, Mathematics
    Cryptologia
  • 1984
TLDR
Lucifer, a direct predecessor of the DES algorithm, is a block-cipher having a 128 bit block size and 128 bit key length, providing a modern, secure cryptographic algorithm that can be used in personal computers.
Cryptography and Data Security
TLDR
The goal of this book is to introduce the mathematical principles of data security and to show how these principles apply to operating systems, database systems, and computer networks.
Long Key Variants of DES
  • T. Berson
  • Computer Science, Mathematics
    CRYPTO
  • 1982
TLDR
Empirical studies have shown that modifications to the DES key schedule (KS) would allow the use of keys longer than 56 bits, which would be a significant improvement over the current DES key length.
Cryptonalysis of the Data Encryption Standard by the Method of Formal Coding
The "Method of Formal Coding" consists in representing each bit of a DES ciphertext block as an XOR-sum-of-products of the plaintext bits and the key bits. Subsequent introduction of the
Differential Cryptanalysis of Feal and N-Hash
TLDR
The applicability of differential cryptanalysis to the Feal family of encryption algorithms and to the N-Hash hash function is shown.
A cryptanalytic time-memory trade-off
  • M. Hellman
  • Computer Science, Mathematics
    IEEE Trans. Inf. Theory
  • 1980
TLDR
A probabilistic method is presented which cryptanalyzes any N key cryptosystem in N 2/3 operational with N2/3 words of memory after a precomputation which requires N operations, and works in a chosen plaintext attack and can also be used in a ciphertext-only attack.
Fast Software Encryption Functions
  • R. Merkle
  • Computer Science, Mathematics
    CRYPTO
  • 1990
TLDR
A well accepted encryption function for implementation in software is presented here - on a SUN 4/260 it can encrypt at 4 to 8 megabits per second, which will effectively reduce the cost and increase the availability of cryptographic protection.
...
1
2
3
4
...