Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in an input can affect the resultant difference at the output. In the case of a block cipher, it refers to a set of techniques for tracing differences through the network of transformations, discovering where the cipher exhibits nonrandom behaviour, and exploiting such properties to recover the secret key. Cryptanalysis (from the Greek kryptÃ³s, hidden, and analÃ½ein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ...
In cryptography, a block cipher is a symmetric key cipher which operates on fixedlength groups of bits, termed blocks, with an unvarying transformation. ...
The operation of A5/1, a LFSRbased stream cipher used to encrypt mobile phone conversations. ...
In cryptography, a cryptographic hash function is a hash function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity. ...
Information processing In information processing, input is the process of receiving information from an object. ...
// Information processing In information processing, output is the process of transmitting information by an object (verb usage). ...
This article is about algorithms for encryption and decryption. ...
It has been suggested that random number be merged into this article or section. ...
A key is a piece of information that controls the operation of a cryptography algorithm. ...
While DES was designed with resistance to differential cryptanalysis in mind, other contemporary ciphers proved to be vulnerable. An early target for the attack was the FEAL block cipher. The original proposed version with four rounds (FEAL4) can be broken using only eight chosen plaintexts, and even a 31round version of FEAL is susceptible to the attack. There have been several different revisions of FEAL, though all are Feistel ciphers, and make use of the same basic round function and operate on a 64bit block. ...
A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ...
A description of the attack
Differential cryptanalysis is usually a chosen plaintext attack, meaning that the attacker must be able to obtain encrypted ciphertexts for some set of plaintexts of his choosing. The scheme can successfully cryptanalyze DES with an effort on the order 2^47 chosen plaintexts. There are, however, extensions that would allow a known plaintext or even a ciphertextonly attack. The basic method uses pairs of plaintext related by a constant difference; difference can be defined in several ways, but the eXclusive OR (XOR) operation is usual. The attacker then computes the differences of the corresponding ciphertexts, hoping to detect statistical patterns in their distribution. In the basic attack, one particular ciphertext difference is expected to be especially frequent; in this way, the cipher can be distinguished from random. More sophisticated variations allow the key to be recovered faster than exhaustive search. A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ...
In cryptography, encryption is the process of obscuring information to make it unreadable without special knowledge. ...
The plain text term has a different meaning. ...
The knownplaintext attack is a cryptanalytic attack in which the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ...
In cryptography, a ciphertextonly attack is a form of cryptanalysis where the attacker is assumed to have access only to a set of ciphertexts. ...
5  2 = 3 Subtraction is one of the four basic arithmetic operations; it is essentially the opposite of addition. ...
Exclusive disjunction (usual symbol xor) is a logical operator that results in true if one of the operands (not both) is true. ...
This article is about algorithms for encryption and decryption. ...
It has been suggested that random number be merged into this article or section. ...
The EFFs US$250,000 DES cracking machine contained over 18,000 custom chips and could brute force a DES key in a matter of days â€” the photograph shows a DES Cracker circuit board fitted with several Deep Crack chips In cryptanalysis, a brute force attack is a method...
For any particular cipher, the input difference must be carefully selected if the attack is to be successful. An analysis of the algorithm's internals is undertaken; the standard method is to trace a path of highly probable differences through the various stages of encryption, termed a differential characteristic. Since differential cryptanalysis became public knowledge, it has become a basic concern of cipher designers. New designs are expected to be accompanied by evidence that the algorithm is resistant to this attack, and many, including the Advanced Encryption Standard, have been proved to be secure against the attack. General Designer(s) Vincent Rijmen and Joan Daemen First published 1998 Derived from Square (cipher) Cipher(s) based on this design Crypton (cypher), Anubis (cipher), GRAND CRU Algorithm detail Block size(s) 128 bits note Key size(s) 128, 192 or 256 bits note Structure Substitutionpermutation network Number of...
In mathematics, a proof is a demonstration that, given certain axioms, some statement of interest is necessarily true. ...
Specialized types In cryptography, higherorder differential cryptanalysis is a generalisation of differential cryptanalysis, an attack against block ciphers. ...
This page meets Wikipedias criteria for speedy deletion. ...
See also Cryptography has had a long and colourful history. ...
In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. ...
References  Eli Biham, Adi Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer Verlag, 1993. ISBN 0387979301, ISBN 3540979301.
 Biham, E. and A. Shamir. (1990). Differential Cryptanalysis of DESlike Cryptosystems. Advances in Cryptology — CRYPTO '90. SpringerVerlag. 2–21.
 Eli Biham, Adi Shamir,"Differential Cryptanalysis of the Full 16Round DES," CS 708, Proceedings of CRYPTO '92, Volume 740 of Lecture Notes in Computer Science, December 1991.
http://www.cs.technion.ac.il/users/wwwb/cgibin/trget.cgi/1991/CS/CS0708.ps  Coppersmith, Don. (1994). The data encryption standard (DES) and its strength against attacks. IBM Journal of Research and Development, 38(3), 243–250. [1]
External links
