Results 1 - 10 of 60
Length-Based Cryptanalysis: The Case Of
, 2006
"... The length-based approach is a heuristic for solving randomly generated equations in groups which possess a reasonably behaved length function. We describe several improvements of the previously suggested length-based algorithms, that make them applicable to Thompson's group with significan ..."
The length-based approach is a heuristic for solving randomly generated equations in groups which possess a reasonably behaved length function. We describe several improvements of the previously suggested length-based algorithms, that make them applicable to Thompson's group
Length-based cryptanalysis: The case of Thompson’s Group
- Journal of Mathematical Cryptology
"... Abstract. The length-based approach is a heuristic for solving randomly generated equations in groups which possess a reasonably behaved length function. We describe several improvements of the previously suggested length-based algorithms, that make them applicable to Thompson’s group with significa ..."
Cited by 9 (4 self)
Abstract. The length-based approach is a heuristic for solving randomly generated equations in groups which possess a reasonably behaved length function. We describe several improvements of the previously suggested length-based algorithms, that make them applicable to Thompson’s group
Markov Ciphers and Differential Cryptanalysis
- Advances in Cryptology -- CRYPTO '91
, 1991
"... This paper considers the security of iterated block ciphers against the differential cryptanalysis introduced by Biham and Shamir. Differential cryptanalysis is a chosen-plaintext attack on secret-key block ciphers that are based on iterating a cryptographically weak function r times (e.g., the 16-r ..."
Cited by 134 (4 self)
This paper considers the security of iterated block ciphers against the differential cryptanalysis introduced by Biham and Shamir. Differential cryptanalysis is a chosen-plaintext attack on secret-key block ciphers that are based on iterating a cryptographically weak function r times (e.g., the 16
Cryptanalysis in Prime Order Subgroups of
"... Many cryptographic protocols and cryptosystems have been proposed to make use of prime order subgroups of Z_n where n is the product of two large distinct primes. In this paper we analyse a number of such schemes. While these schemes were proposed to utilise the difficulty of factoring large inte ..."
Cited by 10 (2 self)
integers or that of finding a trapdoor in Z_n (for instance, the order of an RSA group), our analyses show much easier problems, some even trivially easy, as their real security bases. We summarise three classes of security failures in these schemes, and provide a formula to help factoring n which has
Cryptanalysis of Achterbahn-128/80
, 2006
"... This paper presents two key-recovery attacks against Achterbahn-128/80, the last version of one of the stream cipher proposals in the eSTREAM project. The attack against the 80-bit variant, Achterbahn-80, has complexity 2^56.32. The attack against Achterbahn-128 requires 2^75.4 operations and 2^61 k ..."
keystream bits. These attacks are based on an improvement of the attack due to Hell and Johansson against Achterbahn version 2 and also on an algorithm that makes profit of the short lengths of the constituent registers.
Cryptanalysis of the Revised NTRU signature scheme
- in Proc. of Eurocrypt’02, LNCS 2332
, 2002
"... Abstract. In this paper, we describe a three-stage attack against Revised NSS, an NTRU-based signature scheme proposed at the Eurocrypt 2001 conference as an enhancement of the (broken) proceedings version of the scheme. The first stage, which typically uses a transcript of only 4 signatures, effect ..."
Cited by 27 (2 self)
, effectively cuts the key length in half while completely avoiding the intended hard lattice problem. After an empirically fast second stage, the third stage of the attack combines lattice-based and congruence-based methods in a novel way to recover the private key in polynomial time. This cryptanalysis shows
BDD-based cryptanalysis of keystream generators
- Advances in Cryptology – EUROCRYPT’02, LNCS 1462
, 2002
"... Abstract. Many of the keystream generators which are used in practice are LFSR-based in the sense that they produce the keystream according to a rule y = C(L(x)), where L(x) denotes an internal linear bitstream, produced by a small number of parallel linear feedback shift registers (LFSRs), and C de ..."
Cited by 29 (1 self)
Abstract. Many of the keystream generators which are used in practice are LFSR-based in the sense that they produce the keystream according to a rule y = C(L(x)), where L(x) denotes an internal linear bitstream, produced by a small number of parallel linear feedback shift registers (LFSRs), and C
Cryptanalysis of the Tillich-Zémor hash function
, 2009
"... At CRYPTO ’94, Tillich and Zémor proposed a family of hash functions, based on computing a suitable matrix product in groups of the form SL_2(F_{2^n}). We show how to construct collisions between palindromic bit strings of length 2n + 2 for Tillich and Zémor’s construction. The approach also yields coll ..."
Cited by 6 (0 self)
At CRYPTO ’94, Tillich and Zémor proposed a family of hash functions, based on computing a suitable matrix product in groups of the form SL_2(F_{2^n}). We show how to construct collisions between palindromic bit strings of length 2n + 2 for Tillich and Zémor’s construction. The approach also yields
COMPARATIVE STUDY ON DATA ENCRYPTION STANDARD USING DIFFERENTIAL CRYPTANALYSIS AND LINEAR CRYPTANALYSIS
"... This paper presents an approach for the comparative study on Data Encryption Standard (DES) using Differential Cryptanalysis and Linear cryptanalysis. In this paper, cipher text only attack is adopted and varieties of optimum keys are generated based on the cost function values. The goal of this pap ..."
This paper presents an approach for the comparative study on Data Encryption Standard (DES) using Differential Cryptanalysis and Linear cryptanalysis. In this paper, cipher text only attack is adopted and varieties of optimum keys are generated based on the cost function values. The goal
Length based attack and braid groups: cryptanalysis of Anshel-Anshel-Goldfeld key exchange protocol
- IN PUBLIC KEY CRYPTOGRAPHY – PKC 2007
, 2007
"... The length based attack on Anshel-Anshel-Goldfeld commutator key-exchange protocol [1] was initially proposed by Hughes and Tannenbaum in [9]. Several attempts have been made to implement the attack [6], but none of them had produced results convincing enough to believe that attack works. In this pa ..."
Cited by 12 (3 self)
The length based attack on Anshel-Anshel-Goldfeld commutator key-exchange protocol [1] was initially proposed by Hughes and Tannenbaum in [9]. Several attempts have been made to implement the attack [6], but none of them had produced results convincing enough to believe that attack works