# Differential Cryptanalysis of the Data Encryption Standard

@inproceedings{Biham1993DifferentialCO, title={Differential Cryptanalysis of the Data Encryption Standard}, author={Eli Biham and Adi Shamir}, booktitle={Springer New York}, year={1993} }

DES, the Data Encryption Standard, is one of several cryptographic standards. The authors of this text detail their cryptanalytic "attack" upon DES and several other systems, using creative and novel tactics to demonstrate how they broke DES up into 16 rounds of coding. The methodology used offers valuable insights to cryptographers and cryptanalysts alike in creating new encryption standards, strengthening current ones, and exploring new ways to test important data protection schemes. This…

## 987 Citations

An experiment on DES statistical cryptanalysis

- Computer Science, MathematicsCCS '96
- 1996

A new heuristic method has found an attack against DES absolutely equivalent to M. Matsui's (1994) one by following a distinct path and appears to be roughly as efficient as both differential and linear cryptanalysis.

Cryptanalysis of Block Ciphers: A Survey

- Computer Science, Mathematics
- 2002

This report summarizes readings in the area of the crypt- analysis of block ciphers and tries to list and give an intuitive description of the most important cryptanalytic techniques published up to 2002.

Cryptanalysis of Block Ciphers

- Computer Science, Mathematics
- 2008

This thesis proposes a new extension of differential cryptanalysis, which is called the impossible boomerang attack, and describes the early abort technique for (related-key) impossible differential crypt analysis and rectangle attacks.

Variants of Differential and Linear Cryptanalysis

- Computer Science, MathematicsIACR Cryptol. ePrint Arch.
- 2015

The steps to find distinguisher and steps to recover key of all variants of differential and linear attacks developed till today are illustrated.

Linear and differential cryptanalysis of DES

- Computer Science
- 2013

Introduction The most widely used encryption scheme is based on the Data Encryption Standard (DES) adopted in 1977 by the National Bureau of Standards, now the National Institute of Standards and…

Enhancing Differential-Linear Cryptanalysis

- Computer Science, MathematicsASIACRYPT
- 2002

This paper presents an enhancement of differential-linear cryptanalysis in which the inherited linear probability is smaller than 1, and uses this extension to describe a differential- linear distinguisher for a 7-round reducedversion of DES, and to present the best known key-recovery attack on a 9- round reduced- version of DES.

Differential cryptanalysis of Lucifer

- Computer Science, MathematicsJournal of Cryptology
- 2005

A new extension of differential cryptanalysis is devised to extend the class of vulnerable cryptosystems, and suggests key-dependent characteristics, called conditional characteristics, selected to increase the characteristics' probabilities for keys in subsets of the key space.

CAES Cryptosystem: Advanced Security Tests and Results

- Computer Science, MathematicsInt. J. Netw. Secur.
- 2018

Results of robustness and security tests conducted on the CAES (Cellular automata Encryption System) cryptosystem concluded that the cryptosSystem CAES gives a pseudo-random output regardless the input.

Differential Cryptanalysis of Lucifer

- Computer Science, MathematicsCRYPTO
- 1993

This paper introduces a new extension of differential cryptanalysis, devised to extend the class of vulnerable cryptosystems, and suggests key-dependent characteristics, called conditional characteristics, selected to enlarge the characteristics' probabilities for keys in subsets of the key space.

Techniques for Cryptanalysis of Block Ciphers

- Computer Science, Mathematics
- 2021

The authors describe the cryptanalytic toolbox for block ciphers and covers both the underlying concepts at the heart of these attacks and the mathematical foundations of the analysis itself.

## References

SHOWING 1-10 OF 33 REFERENCES

Improving Resistance to Differential Cryptanalysis and the Redesign of LOKI

- Mathematics, Computer ScienceASIACRYPT
- 1991

It is shown that an XOR profile with carefully placed zeroes is required in order to avoid some variant forms of differential cryptanalysis, and permutation P needs to be chosen to prevent easy propagation of a constant XOR value back into the same S-box.

A Statistical Attack of the FEAL-8 Cryptosystem

- Computer Science, MathematicsCRYPTO
- 1990

This paper presents a chosen plaintext cryptanalysis of the FEAL-8 cryptosystem, and states that some differential statistics for intermediate values of the data randomizer are non uniform and independent of the encryption key.

LOKI - A Cryptographic Primitive for Authentication and Secrecy Applications

- Computer Science, MathematicsAUSCRYPT
- 1990

The LOKI primitive may be used in any mode of operation currently defined for ISO DEA-1, with which it is interface compatible, and two modes of operation which compute a 64-bit and 128-bit, Message Authentication Code (or hash value).

Lucifer, a Cryptographic Algorithm

- Computer Science, MathematicsCryptologia
- 1984

Lucifer, a direct predecessor of the DES algorithm, is a block-cipher having a 128 bit block size and 128 bit key length, providing a modern, secure cryptographic algorithm that can be used in personal computers.

Cryptography and Data Security

- Computer Science
- 1982

The goal of this book is to introduce the mathematical principles of data security and to show how these principles apply to operating systems, database systems, and computer networks.

Long Key Variants of DES

- Computer Science, MathematicsCRYPTO
- 1982

Empirical studies have shown that modifications to the DES key schedule (KS) would allow the use of keys longer than 56 bits, which would be a significant improvement over the current DES key length.

Cryptonalysis of the Data Encryption Standard by the Method of Formal Coding

- Computer ScienceEUROCRYPT
- 1982

The "Method of Formal Coding" consists in representing each bit of a DES ciphertext block as an XOR-sum-of-products of the plaintext bits and the key bits. Subsequent introduction of the…

Differential Cryptanalysis of Feal and N-Hash

- Computer Science, MathematicsEUROCRYPT
- 1991

The applicability of differential cryptanalysis to the Feal family of encryption algorithms and to the N-Hash hash function is shown.

A cryptanalytic time-memory trade-off

- Computer Science, MathematicsIEEE Trans. Inf. Theory
- 1980

A probabilistic method is presented which cryptanalyzes any N key cryptosystem in N 2/3 operational with N2/3 words of memory after a precomputation which requires N operations, and works in a chosen plaintext attack and can also be used in a ciphertext-only attack.

Fast Software Encryption Functions

- Computer Science, MathematicsCRYPTO
- 1990

A well accepted encryption function for implementation in software is presented here - on a SUN 4/260 it can encrypt at 4 to 8 megabits per second, which will effectively reduce the cost and increase the availability of cryptographic protection.