Abstract:
Abstract. The DES has reached the end of its lifetime due to its too short key length and block length (56 and 64 bits respectively). As we are awaiting the new AES, triple (and double) encryption are the common solution. However, several authors have shown that these multiple modes are much less secure than anticipated. The general belief is that these schemes should not be used, as they are not resistant against attacks requiring 2 64 chosen plaintexts. This paper extends the analysis by considering some more realistic attack models. It also presents an improved attack on multiple modes that contain an OFB mode and discusses practical solutions that take into account realistic constraints. 1
Citations
|
292
|
cryptanalysis method for DES cipher, in
– Matsui, Linear
- 1994
|
|
265
|
Differential Cryptanalysis of the Data Encryption Standard
– Biham, Shamir
- 1993
|
|
237
|
P.: A Concrete Security Treatment of Symmetric Encryption
– Bellare, Desai, et al.
- 1997
|
|
108
|
New types of cryptanalytic attacks using related keys
– Biham
- 1993
|
|
81
|
How to protect DES against exhaustive key search
– Kilian, Rogaway
- 1996
|
|
66
|
Efficient DES Key Search
– Wiener
- 1996
|
|
56
|
Random mapping statistics
– Flajolet, Odlyzko
|
|
36
|
On the security of multiple encryption
– Merkle, Hellman
- 1981
|
|
29
|
Ciphers – Analysis, Design and applications
– Knudsen
- 1994
|
|
28
|
Hellman presents no shortcut solutions to DES
– Tuchman
- 1979
|
|
25
|
A known-plaintext attack on two-key triple encryption
– Oorschot, Wiener
- 1991
|
|
22
|
Cryptanalysis of multiple modes of operation
– Biham
- 1994
|
|
22
|
Data Encryption Standard
– FIPS
- 1977
|
|
17
|
Multiple encryption: Weighing security and performance
– Kaliski, Robshaw
- 1996
|
|
16
|
Improving implementable meetin-the-middle attacks by orders of magnitude,” CRYPTO ’96
– Oorschot, Wiener
- 1996
|
|
10
|
On Modes of Operation
– Biham
- 1994
|
|
8
|
Cryptanalysis of some recently-proposed multiple modes of operation
– Wagner
- 1998
|
|
7
|
A proposed mode for triple-DES encryption
– Coppersmith, Johnson, et al.
- 1996
|
|
5
|
Cryptanalysis of the ANSI X9.52 CBCM mode
– Biham, Knudsen
- 1998
|
|
5
|
DES Modes of Operation
– FIPS
- 1980
|
|
4
|
MacDES: MAC algorithm based on DES
– Knudsen, Preneel
- 1998
|
|
4
|
Attacking triple encryption
– Lucks
- 1998
|
|
4
|
On the security of the 128-bit block cipher DEAL
– Lucks
- 1998
|
|
3
|
Cryptanalysis of triple-modes of operation," Technion
– Biham
- 1996
|
|
3
|
A Chosen-Ciphertext Attack on Triple-DES Modes
– Coppersmith
- 1994
|
|
3
|
A Chosen-Plaintext Attack on 2-Key Inner Triple DES CBC
– Coppersmith
- 1995
|
|
3
|
DEAL: a 128-bit block cipher," AES submission
– Knudsen
- 1998
|
|
