RELATED-KEY ATTACK AGAINST TRIPLE ENCRYPTION BASED ON FIXED POINTS
Serge Vaudenay
2011
Abstract
Triple encryption was proposed to increase the security of single encryption when the key is too short. In the past, there have been several attacks in this encryption mode. When triple encryption is based on two keys, Merkle and Hellman proposed a subtle meet-in-the-middle attack which can break it at a price similar to breaking single encryption (but with nearly all the code book). When triple encryption is based on three keys, Kelsey, Schneier, and Wagner proposed a related-key attack which can break it at a price similar to breaking single encryption. In this paper, we propose a new related-key attack against triple encryption which compares to breaking single encryption in the two cases. Our attack against two-key triple-encryption has exactly the same performances as a meet-in-the-middle on double-encryption. It is based on the discovery of fixed points in a decrypt-encrypt sequence using related keys. In the two-key case, it is comparable to the Merkle-Hellman attack (except that is uses related keys). In the three-key case, it has a higher complexity than the Kelsey-Schneier-Wagner attack but can live with known plaintexts.
References
- M. Bellare, P. Rogaway. The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs. In Advances in Cryptology EUROCRYPT'06, St. Petersburg, Russia, Lecture Notes in Computer Science 4004, pp. 409-426, Springer-Verlag, 2006.
- M. Bellare, P. Rogaway. The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs. In Advances in Cryptology EUROCRYPT'06, St. Petersburg, Russia, Lecture Notes in Computer Science 4004, pp. 409-426, Springer-Verlag, 2006.
- E. Biham. New Types of Cryptanalytic Attacks Using related Keys. In Advances in Cryptology EUROCRYPT'93, Lofthus, Norway, Lecture Notes in Computer Science 765, pp. 398-409, Springer-Verlag, 1994.
- E. Biham. New Types of Cryptanalytic Attacks Using related Keys. In Advances in Cryptology EUROCRYPT'93, Lofthus, Norway, Lecture Notes in Computer Science 765, pp. 398-409, Springer-Verlag, 1994.
- E. Biham. New Types of Cryptanalytic Attacks Using Related Keys. Journal of Cryptology, vol. 7, pp. 229- 246, 1994.
- E. Biham. New Types of Cryptanalytic Attacks Using Related Keys. Journal of Cryptology, vol. 7, pp. 229- 246, 1994.
- E. Biham. How to Decrypt or even Substitute DESEncrypted Messages in 228 steps. Technical report CS 884, 1996.
- E. Biham. How to Decrypt or even Substitute DESEncrypted Messages in 228 steps. Technical report CS 884, 1996.
- A. Biryukov, D. Khovratovich. Related-key Cryptanalysis of the Full AES-192 and AES-256. In Advances in Cryptology ASIACRYPT'09, Tokyo, Japan, Lecture Notes in Computer Science 5912, pp. 1-18, SpringerVerlag, 2009.
- A. Biryukov, D. Khovratovich. Related-key Cryptanalysis of the Full AES-192 and AES-256. In Advances in Cryptology ASIACRYPT'09, Tokyo, Japan, Lecture Notes in Computer Science 5912, pp. 1-18, SpringerVerlag, 2009.
- A. Biryukov, D. Khovratovich, I. Nikolic. Distinguisher and Related-Key Attack on the Full AES-256. In Advances in Cryptology CRYPTO'09, Santa Barbara, California, U.S.A., Lecture Notes in Computer Science 5677, pp. 231-249, Springer-Verlag, 2009.
- A. Biryukov, D. Khovratovich, I. Nikolic. Distinguisher and Related-Key Attack on the Full AES-256. In Advances in Cryptology CRYPTO'09, Santa Barbara, California, U.S.A., Lecture Notes in Computer Science 5677, pp. 231-249, Springer-Verlag, 2009.
- W. Diffie, M.E. Hellman. Exhaustive Cryptanalysis of the NBS Data Encryption Standard. Computer, vol. 10, pp. 74-84, 1977.
- W. Diffie, M.E. Hellman. Exhaustive Cryptanalysis of the NBS Data Encryption Standard. Computer, vol. 10, pp. 74-84, 1977.
- J. Kelsey, B. Schneier, D. Wagner. Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and TripleDES. In Advances in Cryptology CRYPTO'96, Santa Barbara, California, U.S.A., Lecture Notes in Computer Science 1109, pp. 237-251, Springer-Verlag, 1996.
- J. Kelsey, B. Schneier, D. Wagner. Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and TripleDES. In Advances in Cryptology CRYPTO'96, Santa Barbara, California, U.S.A., Lecture Notes in Computer Science 1109, pp. 237-251, Springer-Verlag, 1996.
- L.R. Knudsen. Cryptanalysis of LOKI91. In Advances in Cryptology AUSCRYPT'92, Gold Coast, Queensland, Australia, Lecture Notes in Computer Science 718, pp. 196-208, Springer-Verlag, 1993.
- L.R. Knudsen. Cryptanalysis of LOKI91. In Advances in Cryptology AUSCRYPT'92, Gold Coast, Queensland, Australia, Lecture Notes in Computer Science 718, pp. 196-208, Springer-Verlag, 1993.
- S. Lucks. Attacking Triple Encryption. In Fast Software Encryption'98, Paris, France, Lecture Notes in Computer Science 1372, pp. 239-253, Springer-Verlag, 1998.
- S. Lucks. Attacking Triple Encryption. In Fast Software Encryption'98, Paris, France, Lecture Notes in Computer Science 1372, pp. 239-253, Springer-Verlag, 1998.
- R.C. Merkle, M.E. Hellman. On the Security of Multiple Encryption. Communications of the ACM, vol. 24, pp. 465-467, 1981.
- R.C. Merkle, M.E. Hellman. On the Security of Multiple Encryption. Communications of the ACM, vol. 24, pp. 465-467, 1981.
- P.C. van Oorschot, M.J. Wiener. A Known-Plaintext Attack on Two-Key Triple Encryption. In Advances in Cryptology EUROCRYPT'90, Aarhus, Denemark, Lecture Notes in Computer Science 473, pp. 318-325, Springer-Verlag, 1991.
- P.C. van Oorschot, M.J. Wiener. A Known-Plaintext Attack on Two-Key Triple Encryption. In Advances in Cryptology EUROCRYPT'90, Aarhus, Denemark, Lecture Notes in Computer Science 473, pp. 318-325, Springer-Verlag, 1991.
- P.C. van Oorschot, M.J. Wiener. Parallel Collision Search with Cryptanalytic Applications. Journal of Cryptology, vol. 12, pp. 1-28, 1999.
- P.C. van Oorschot, M.J. Wiener. Parallel Collision Search with Cryptanalytic Applications. Journal of Cryptology, vol. 12, pp. 1-28, 1999.
- R. C.-W. Phan. Related-Key Attacks on Triple-DES and DESX Variants. In Topics in Cryptology CT-RSA'04, San Francisco, California, U.S.A., Lecture Notes in Computer Science 2964, pp. 15-24, Springer-Verlag, 2004.
- R. C.-W. Phan. Related-Key Attacks on Triple-DES and DESX Variants. In Topics in Cryptology CT-RSA'04, San Francisco, California, U.S.A., Lecture Notes in Computer Science 2964, pp. 15-24, Springer-Verlag, 2004.
- M.J. Wiener. The Full Cost of Cryptanalytic Attacks. Journal of Cryptology, vol. 17, pp. 105-124, 2004.
- M.J. Wiener. The Full Cost of Cryptanalytic Attacks. Journal of Cryptology, vol. 17, pp. 105-124, 2004.
Paper Citation
in Harvard Style
Vaudenay S. (2011). RELATED-KEY ATTACK AGAINST TRIPLE ENCRYPTION BASED ON FIXED POINTS . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011) ISBN 978-989-8425-71-3, pages 59-67. DOI: 10.5220/0003450900590067
in Harvard Style
Vaudenay S. (2011). RELATED-KEY ATTACK AGAINST TRIPLE ENCRYPTION BASED ON FIXED POINTS . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011) ISBN 978-989-8425-71-3, pages 59-67. DOI: 10.5220/0003450900590067
in Bibtex Style
@conference{secrypt11,
author={Serge Vaudenay},
title={RELATED-KEY ATTACK AGAINST TRIPLE ENCRYPTION BASED ON FIXED POINTS},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011)},
year={2011},
pages={59-67},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003450900590067},
isbn={978-989-8425-71-3},
}
in Bibtex Style
@conference{secrypt11,
author={Serge Vaudenay},
title={RELATED-KEY ATTACK AGAINST TRIPLE ENCRYPTION BASED ON FIXED POINTS},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011)},
year={2011},
pages={59-67},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003450900590067},
isbn={978-989-8425-71-3},
}
in EndNote Style
TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011)
TI - RELATED-KEY ATTACK AGAINST TRIPLE ENCRYPTION BASED ON FIXED POINTS
SN - 978-989-8425-71-3
AU - Vaudenay S.
PY - 2011
SP - 59
EP - 67
DO - 10.5220/0003450900590067
in EndNote Style
TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011)
TI - RELATED-KEY ATTACK AGAINST TRIPLE ENCRYPTION BASED ON FIXED POINTS
SN - 978-989-8425-71-3
AU - Vaudenay S.
PY - 2011
SP - 59
EP - 67
DO - 10.5220/0003450900590067