Slide Attacks on the Even-Mansour Scheme with Key Leakage

Journal of Information Security Research ›› 2018, Vol. 4 ›› Issue (6): 518-525.

Previous Articles Next Articles

Slide Attacks on the Even-Mansour Scheme with Key Leakage

Received:2018-06-14 Online:2018-06-15 Published:2018-06-14

密钥泄露下Even-Mansour密码的滑动攻击

杨光¹,张平²,胡红钢³

1. 中国科学技术大学
2. 中国科学技术大学信息科学技术学院
3. 中国科技大学

通讯作者: 杨光
作者简介:杨光硕士研究生，主要研究方向为分组密码，网络安全. 胡红钢博士生导师，主要研究方向：伪随机序列、编码理论、密码学与网络安全. 张平博士研究生，主要研究方向：分组密码工作模式的设计、密码学与信息安全.

Abstract

Abstract: The Even-Mansour scheme has been widely used in the block cipher for its simple structure and strict security, and it has always been a very popular research point in the block cipher. The main tool for attacking this scheme is the slide attack. However, there is no relevant research on the attack on the Even-Mansour scheme with key leakage. In this paper, we present an improved keyleakage attack based on slide attacks on the Even-Mansour scheme. Moreover, we present the key-leakage attacks on some variants of the Even-Mansour scheme. The performance of improved attacks are much better than the original attacks when the key is leaked.

Key words: the Even-Mansour scheme, symmetric cryptography, block cipher, cryptanalysis, key leakage

摘要： Even-Mansour密码体制以其简单的结构和严格的安全性证明被广泛地应用于分组密码，一直以来都是分组密码研究方向中热门的研究点.该密码体制最典型的一类攻击方案研究是滑动密码分析.然而，对于该体制在密钥泄露情况下的攻击之前并没有相关的研究.首先给出一个基于Even-Mansour密码的滑动攻击改进的密钥泄露攻击.在Even-Mansour密码体制密钥泄露情况下，攻击性能大大优于原始攻击.接着，针对Even-Mansour加密的变种加密方案，给出其密钥泄露情况下的攻击方案.改进的攻击方案在性能上较原始攻击方案有很大提升.

关键词: Even-Mansour密码体制, 对称密码学, 分组密码, 密码分析, 密钥泄露

杨光张平胡红钢. 密钥泄露下Even-Mansour密码的滑动攻击[J]. 信息安全研究, 2018, 4(6): 518-525.

References

[1] Even S, Mansour Y. A construction of a cipher from a single pseudorandom permutation[C] //International Conference on the Theory and Application of Cryptology. Springer, Berlin, Heidelberg, 1991: 210-224 [2] Even, S., Mansour, Y. A construction of a cipher from a single pseudorandom permutation [J]. Journal of Cryptology, 10(3): 151-161 [3] Kilian, J., Rogaway, P.: How to protect DES against exhaustive key search (an analysis of DESX). In: Koblitz, N. (ed.) CRYPT0 1996. LNCS, vol. 1109, pp. 252-267. Springer, Heidelberg (2002) [4] Kilian J, Rogaway P. How to protect DES against exhaustive key search (an analysis of DESX)[J]. Journal of Cryptology, 2001, 14(1): 17-35 [5] Andreeva E, Bogdanov A, Dodis Y, et al. On the indifferentiability of key-alternating ciphers[M] //Advances in Cryptology–CRYPTO 2013. Springer, Berlin, Heidelberg, 2013: 531-550 [6] Barbosa M, Farshim P. The related-key analysis of feistel constructions[C] //International Workshop on Fast Software Encryption. Springer, Berlin, Heidelberg, 2014: 265-284 [7] Bogdanov A, Knudsen L R, Leander G, et al. Key-alternating ciphers in a provable setting: Encryption using a small number of public permutations[C] //Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg, 2012: 45-62 [8] Cogliati B, Lampe R, Seurin Y. Tweaking even-mansour ciphers[C] //Annual Cryptology Conference. Springer, Berlin, Heidelberg, 2015: 189-208 [9] Dai Y, Seurin Y, Steinberger J, et al. Indifferentiability of Iterated Even-Mansour Ciphers with Non-idealized Key-Schedules: Five Rounds Are Necessary and Sufficient[C] //Annual International Cryptology Conference. Springer, Cham, 2017: 524-555 [10] Dinur I, Dunkelman O, Keller N, et al. Key recovery attacks on 3-round Even-Mansour, 8-step LED-128, and full AES 2[C] //International Conference on the Theory and Application of Cryptology and Information Security. Springer, Berlin, Heidelberg, 2013: 337-356 [11] Dinur I, Dunkelman O, Keller N, et al. Key recovery attacks on iterated Even–Mansour encryption schemes[J]. Journal of Cryptology, 2016, 29(4): 697-728 [12] Dunkelman O, Keller N, Shamir A. Slidex attacks on the Even–Mansour encryption scheme[J]. Journal of Cryptology, 2015, 28(1): 1-28 [13] Lampe R, Patarin J, Seurin Y. An asymptotically tight security analysis of the iterated even-mansour cipher[C] //International Conference on the Theory and Application of Cryptology and Information Security. Springer, Berlin, Heidelberg, 2012: 278-295 [14] Mouha N, Luykx A. Multi-key security: The Even-Mansour construction revisited[C] //Annual Cryptology Conference. Springer, Berlin, Heidelberg, 2015: 209-223 [15] Biham E, Shamir A. Differential cryptanalysis of the data encryption standard[M]. Springer Science & Business Media, 2012 [16]. Biryukov A, Wagner D. Slide attacks[C] //International Workshop on Fast Software Encryption. Springer, Berlin, Heidelberg, 1999: 245-259 [17] Biryukov A, Wagner D. Advanced slide attacks[C] //International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg, 2000: 589-606 [18] Dunkelman O, Keller N, Shamir A. Minimalism in cryptography: The Even-Mansour scheme revisited[C] //Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg, 2012: 336-354 [19] Biham E. New types of cryptanalytic attacks using related keys[J]. Journal of Cryptology, 1994, 7(4): 229-246 [20] Biham E, Dunkelman O, Keller N. Improved slide attacks[C] //International Workshop on Fast Software Encryption. Springer, Berlin, Heidelberg, 2007: 153-166 [21] Furuya S. Slide attacks with a known-plaintext cryptanalysis[C] //International Conference on Information Security and Cryptology. Springer, Berlin, Heidelberg, 2001: 214-225 [22] Mathis F H. A generalized birthday problem[J]. SIAM Review, 1991, 33(2): 265-270 [23] Suzuki K, Tonien D, Kurosawa K, et al. Birthday paradox for multi-collisions[C] //International Conference on Information Security and Cryptology. Springer, Berlin, Heidelberg, 2006: 29-40 [24] Wagner D. A generalized birthday problem[C] //Annual International Cryptology Conference. Springer, Berlin, Heidelberg, 2002: 288-304

Slide Attacks on the Even-Mansour Scheme with Key Leakage

密钥泄露下Even-Mansour密码的滑动攻击

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 4

Recommended Articles

Metrics

[1]	. Application Security of Block Cipher Mode of Operation [J]. Journal of Information Security Research, 2019, 5(1): 23-28.
[2]	. A Novel Modulus Factorization Algorithm for RSA Cryptosystem [J]. Journal of Information Security Research, 2016, 2(3): 225-229.
[3]	. Overview on SM4 Algorithm [J]. Journal of Information Security Research, 2016, 2(11): 995-1007.
[4]	. Development of Authenticated Encryption [J]. Journal of Information Security Research, 2016, 2(10): 876-882.