See this document in CiteSeerX!

Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES (1996)  (Make Corrections)  (21 citations)
John Kelsey, Bruce Schneier, David Wagner
Lecture Notes in Computer Science



  Home/Search   Context   Related

 
View or download:
berkeley.edu/~daw/...yschedcrypto96.ps
berkeley.edu/~daw/...yschedcrypto96.ps
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  berkeley.edu/~daw/me (more)
Homepages:  B.Schneier  D.Wagner
  

Rate this article: (best)
  Comment on this article  
Introduces new related-key attacks on several block ciphers.

Abstract: We present new attacks on key schedules of block ciphers. These attacks are based on the principles of related-key differential cryptanalysis: attacks that allow both keys and plaintexts to be chosen with specific differences. We show how these attacks can be exploited in actual protocols and cryptanalyze the key schedules of a variety of algorithms, including three-key triple-DES. (Update)

Context of citations to this paper:   More

.... Keys As the key schedule uses rotations and S boxes, it is highly unlikely that keys can be found that allow related key attacks [8, 15, 16]. Moreover, different rounds of Serpent use different S boxes, so even if related keys were found, related key attacks would not be...

...differential or linear characteristics in all four S boxes at once. 3. 10 Related key Cryptanalysis Related key cryptanalysis [Bih94, KSW96, KSW97] uses a cipher s key schedule to break plaintexts encrypted with related keys. In its most advanced form, differential related key...

Cited by:   More
On the Twofish Key Schedule - Bruce Schneier John (1998)   (Correct)
SQUARE Attacks on Reduced-Round PES and IDEA Block.. - Nakahara, Jr., Barreto, .. (2001)   (Correct)
Camellia: A 128-Bit Block Cipher Suitable for.. - Aoki, Ichikawa.. (2000)   (Correct)

Similar documents (at the sentence level):
74.7%:   Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER.. - Kelsey, Schneier, Wagner (1996)   (Correct)

Active bibliography (related documents):   More   All
1.3:   Related-Key Cryptanalysis of 3-WAY, Biham-DES, CAST.. - Kelsey, Schneier, Wagner   (Correct)
0.9:   The Security of MacGuffin - Wagner (1995)   (Correct)
0.8:   Block Ciphers - Robshaw (1995)   (Correct)

Similar documents based on text:   More   All
0.8:   Related-Key Cryptanalysis of 3-WAY, Biham-DES,CAST.. - Kelsey, Schneier, Wagner   (Correct)
0.7:   Protocol Interactions and the Chosen Protocol Attack - Kelsey, Schneier, Wagner (1997)   (Correct)
0.6:   Linearly Weak Keys of RC5 - Heys   (Correct)

Related documents from co-citation:   More   All
18:   New Types of Cryptanalytic Attacks Using Related Keys - Biham - 1994
13:   Linear cryptanalysis method for DES cipher (context) - Matsui - 1994
9:   Cryptanalysis of LOKI91 (context) - Knudsen - 1993

BibTeX entry:   (Update)

J. Kelsey, B. Schneier, and D. Wagner, "Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES," Advances in Cryptology---CRYPTO '96, Springer-Verlag, 1996, pp. 237--251. http://citeseer.ist.psu.edu/article/kelsey96keyschedule.html   More

@article{ kelsey96keyschedule,
    author = "John Kelsey and Bruce Schneier and David Wagner",
    title = "Key-Schedule Cryptanalysis of {IDEA}, {G-{DES}}, {GOST}, {SAFER}, and {Triple-{DES}}",
    journal = "Lecture Notes in Computer Science",
    volume = "1109",
    pages = "237--251",
    year = "1996",
    url = "citeseer.ist.psu.edu/article/kelsey96keyschedule.html" }
Citations (may not include all citations):
704   Applied Cryptography (context) - Schneier - 1996
202   Data Encryption Standard (context) - of, NBS - 1977
161   Differential Cryptanalysis of the Data Encryption Standard (context) - Biham, Shamir - 1993
118   Optimal Asymmetric Encryption---How to Encrypt with RSA (context) - Bellare, Rogaway - 1995
88   Markov Ciphers and Differential Cryptanalysis - Lai, Massey et al. - 1991
84   A Cryptographic File System for UNIX - Blaze - 1993
84   New Types of Cryptanalytic Attacks Using Related Keys - Biham - 1994
56   The RC5 Encryption Algorithm (context) - Rivest - 1995
54   A Software-Optimized Encryption Algorithm - Rogaway, Coppersmith - 1994
36   Fast Software Encryption Functions (context) - Merkle - 1991
35   the Security of Multiple Encryption (context) - Merkle, Hellman - 1981
28   Description of a New Variable-Length Key, 64-Bit Block Ciphe.. (context) - Schneier - 1994
24   Parallel Collision Search with Cryptanalytic Applications (context) - van Oorschot, Wiener - 1995
23   Fast Data Encipherment Algorithm FEAL (context) - Shimizu, Miyaguchi - 1988
22   Cryptanalysis of LOKI - Knudsen - 1993
19   Cryptanalysis of DES With a Reduced Number of Rounds (context) - Chaum, Evertse - 1986
16   Differential Cryptanalysis of the Full 16-round DES (context) - Biham, Shamir - 1993
16   Key Management in an Encrypting File System - Blaze - 1994
15   Practically Secure Feistel Ciphers - Knudsen - 1994
15   Producing One-Way Hash Functions from DES (context) - Winternitz - 1984
14   A Known-Plaintext Attack on TwoKey Triple Encryption - van Oorschot, Wiener - 1991
13   SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm (context) - Massey - 1994
13   DES is Not a Group (context) - Campbell, Wiener - 1993
12   Development of Authentication Protocols: Some Misconceptions.. - Mao, Boyd - 1994
12   Cryptanalysis of LOKI91 (context) - Knudsen - 1993
11   TEA, a Tiny Encryption Algorithm - Wheeler, Needham - 1995
11   Differential Cryptanalysis of Lucifer (context) - Ben-Aroya, Biham - 1994
11   A Key-schedule Weakness in SAFER K-64 (context) - Knudsen - 1995
11   Cryptographic Protection for Data Processing Systems (context) - Gosudarstvennyi - 1989
10   the Weak Keys in Blowfish - Vaudenay - 1996
10   Cycle Structure of the DES with Weak and Semi-Weak Keys (context) - Moore, Simmons - 1987
10   New Potentially `Weak' Keys for DES and LOKI (context) - Knudsen - 1995
9   Block Ciphers Based on Modular Arithmetic - Daemen, Govaerts et al. - 1993
8   Chosen-key Attacks on a Block Cipher (context) - Winternitz, Hellman - 1987
8   Long Key Variants of DES (context) - Berson - 1983
7   The Real Reason for Rivest's Phenomenon (context) - Coppersmith - 1986
6   Some Regular Properties of the DES (context) - Davies - 1983
6   On Simple and Secure Key Distribution - Tsudik, Herreweghen - 1993
5   A General Purpose Technique for Locating Key Scheduling Weak.. (context) - Kwan, Pieprzyk - 1993
4   Efficient Software Implementations of (Generalized) DES (context) - Pfitzmann, Abmann - 1990
4   Analysis of a Weakened Feistel-like Cipher (context) - Grossman, Tuckerman - 1978
3   Public-Key Cryptography Standard (PKCS) #1: RSA Encryption S.. (context) - Security - 1993
3   More Efficient Software Implementations of (Generalized) DES - Pfitzmann, Abmann - 1990
3   A Class of Weak Keys in the RC4 Stream Cipher (context) - Roos - 1995
1   Timing Attack Cryptanalysis of Diffie-Hellman, RSA, and Othe.. (context) - Kocher - 1996



The graph only includes citing articles where the year of publication is known.

Documents on the same site (http://now.cs.berkeley.edu/~daw/me.html):   More
Cryptanalysis of TWOPRIME - Coppersmith, Wagner, Schneier, Kelsey (1998)   (Correct)
Analysis of the SSL 3.0 protocol - Wagner, Schneier (1996)   (Correct)
Related-Key Cryptanalysis of 3-WAY, Biham-DES, CAST.. - Kelsey, Schneier, Wagner   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC