# Differential cryptanalysis of DES-like cryptosystems

@article{Biham2004DifferentialCO, title={Differential cryptanalysis of DES-like cryptosystems}, author={Eli Biham and Adi Shamir}, journal={Journal of Cryptology}, year={2004}, volume={4}, pages={3-72} }

The Data Encryption Standard (DES) is the best known and most widely used cryptosystem for civilian applications. It was developed at IBM and adopted by the National Bureau of Standards in the mid 1970s, and has successfully withstood all the attacks published so far in the open literature. In this paper we develop a new type of cryptanalytic attack which can break the reduced variant of DES with eight rounds in a few minutes on a personal computer and can break any reduced variant of DES (with…

## 2,043 Citations

Cryptanalysis of Five Rounds of CRYPTON Using Impossible Differentials

- Computer Science, MathematicsASIACRYPT
- 1999

An attack on CRYPTON reduced to 5 rounds is presented, based on impossible differentials, to show thatCRYPTON version 1.0 reduced to5 rounds can be attacked using 2 83.4 chosen plaintext and ciphertext pairs.

Linear and differential cryptanalysis of DES

- Computer Science
- 2013

Introduction The most widely used encryption scheme is based on the Data Encryption Standard (DES) adopted in 1977 by the National Bureau of Standards, now the National Institute of Standards and…

The improved data encryption standard (DES) algorithm

- Computer Science, MathematicsProceedings of ISSSTA'95 International Symposium on Spread Spectrum Techniques and Applications
- 1996

The Improved-DES is a new algorithm that is stronger than the DES against differential cryptanalysis for cryptographic security and the analysis will show that the unicity distance in the Improved- DES is increased more than theDES's UD.

Differential cryptanalysis of Lucifer

- Computer Science, MathematicsJournal of Cryptology
- 2005

A new extension of differential cryptanalysis is devised to extend the class of vulnerable cryptosystems, and suggests key-dependent characteristics, called conditional characteristics, selected to increase the characteristics' probabilities for keys in subsets of the key space.

Differential cryptanalysis of new Qamal encryption algorithm

- Computer Science
- 2020

It is shown that for a version with a 128-bit data block and the same secret key size for three rounds of encryption it is difficult to find the right pairs of texts with a probability of 2 –120, which makes differential cryptanalysis not applicable to the Qamal cypher.

Feistel Schemes and Bi-linear Cryptanalysis

- Computer Science, MathematicsCRYPTO
- 2004

A practical attack on DES based on a 1-round invariant is presented, the fastest known based on such invariant, and about as fast as the best Matsui’s attack.

Differential Cryptanalysis of Reduced Rounds of GOST

- Computer Science, MathematicsSelected Areas in Cryptography
- 2000

This paper presents the first result of differential cryptanalysis of GOST with reduced number of rounds with the idea of using a set of differential characteristics, which is a partitioning type, to reduce the influence of the key value upon the probability as well as get high differential probability.

Combined Differential and Linear Cryptanalysis of Reduced-Round PRINTcipher

- Computer Science, MathematicsSelected Areas in Cryptography
- 2011

This paper analyzes the security of PRINTcipher using a technique that combines differential and linear cryptanalysis and shows that specific choices of some of the key bits give rise to a certain differential characteristic probability, which is far higher than the best characteristic probability claimed by the designers.

KFC - The Krazy Feistel Cipher

- Computer Science, MathematicsASIACRYPT
- 2006

KFC is the first practical block cipher to propose tight security proofs of resistance against large classes of attacks, including most classical cryptanalysis (such as linear and differential cryptanalysis, taking hull effect in consideration in both cases), and results from the decorrelation theory are extended to the whole KFC construction.

Algebraic Cryptanalysis of the Data Encryption Standard

- Computer Science, MathematicsIMACC
- 2007

It is demonstrated that in this paper, several interesting attacks on a real-life "industrial" block cipher can be found, and one of the attacks is the fastest known algebraic attack on 6 rounds of DES, which is quite interesting in itself.

## References

SHOWING 1-10 OF 74 REFERENCES

A cryptanalytic time-memory trade-off

- Computer Science, MathematicsIEEE Trans. Inf. Theory
- 1980

A probabilistic method is presented which cryptanalyzes any N key cryptosystem in N 2/3 operational with N2/3 words of memory after a precomputation which requires N operations, and works in a chosen plaintext attack and can also be used in a ciphertext-only attack.

Cryptography and Data Security

- Computer Science
- 1982

The goal of this book is to introduce the mathematical principles of data security and to show how these principles apply to operating systems, database systems, and computer networks.

Cryptography and Data Security

- Computer Science, Mathematics
- 2003

Encryption transformations: for each fixed key the encryption operation E K is one-to-one (invertible) function from the set of plaintexts to the setof ciphertext.

Cryptanalysis of DES with a reduced number of rounds

- Mathematics, Computer ScienceCRYPTO 1986
- 1986

A blockcipher is said to have a linear factor if, for all plaintexts and keys, there is a fixed non-empty set of key bits whose simultaneous complementation leaves the exclusive-or sum of a fixed…

Crytanalysis of DES with a Reduced Number of Rounds: Sequences of Linear Factors in Block Ciphers

- Mathematics, Computer ScienceCRYPTO
- 1985

A blockcipher is said to have a linear factor if, for all plaintexts and keys, there is a fixed non-empty set of key bits whose simultaneous complementation leaves the exclusive-or sum of a fixed…

A fast software one-way hash function

- Computer Science, MathematicsJournal of Cryptology
- 2004

This work presents a candidate one-way hash function which appears to have these desirable properties; resistant to cryptographic attack, and fast when implemented in software.

Structure in the S-boxes of the DES

- Computer ScienceCRYPTO
- 1986

This paper examines some properties which the S-boxes satisfy and attempts to determine a reason for such structure to exist.

Dependence of Output on Input in DES: Small Avalanche Characteristics

- Computer ScienceCRYPTO
- 1984

Techniques and theorems are presented which allow to evaluate the non-substitution effect in f and the key clustering in DES and its importance related to the security of DES is discussed.

WHO Technical Report

- Environmental ScienceThe Yale Journal of Biology and Medicine
- 1954

The Feather River Coordinated Resource Management Group (FR-CRM) has been restoring channel/ meadow/ floodplain systems in the Feather River watershed since 1985 and recognized the possibility of a significant change in carbon stocks in these restored meadows and valleys.

Feal-N specifications

- NTT
- 1989