FACTOID # 13: New York has America's lowest percentage of residents who are veterans.
 
 Home   Encyclopedia   Statistics   States A-Z   Flags   Maps   FAQ   About 
   
 
WHAT'S NEW
 

SEARCH ALL

FACTS & STATISTICS    Advanced view

Search encyclopedia, statistics and forums:

 

 

(* = Graphable)

 

 


Encyclopedia > Differential cryptanalysis

Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in an input can affect the resultant difference at the output. In the case of a block cipher, it refers to a set of techniques for tracing differences through the network of transformations, discovering where the cipher exhibits non-random behaviour, and exploiting such properties to recover the secret key. Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ... In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... The operation of A5/1, a LFSR-based stream cipher used to encrypt mobile phone conversations. ... In cryptography, a cryptographic hash function is a hash function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity. ... Information processing In information processing, input is the process of receiving information from an object. ... // Information processing In information processing, output is the process of transmitting information by an object (verb usage). ... This article is about algorithms for encryption and decryption. ... It has been suggested that random number be merged into this article or section. ... A key is a piece of information that controls the operation of a cryptography algorithm. ...


While DES was designed with resistance to differential cryptanalysis in mind, other contemporary ciphers proved to be vulnerable. An early target for the attack was the FEAL block cipher. The original proposed version with four rounds (FEAL-4) can be broken using only eight chosen plaintexts, and even a 31-round version of FEAL is susceptible to the attack. There have been several different revisions of FEAL, though all are Feistel ciphers, and make use of the same basic round function and operate on a 64-bit block. ... A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ...

Contents


A description of the attack

Differential cryptanalysis is usually a chosen plaintext attack, meaning that the attacker must be able to obtain encrypted ciphertexts for some set of plaintexts of his choosing. The scheme can successfully cryptanalyze DES with an effort on the order 2^47 chosen plaintexts. There are, however, extensions that would allow a known plaintext or even a ciphertext-only attack. The basic method uses pairs of plaintext related by a constant difference; difference can be defined in several ways, but the eXclusive OR (XOR) operation is usual. The attacker then computes the differences of the corresponding ciphertexts, hoping to detect statistical patterns in their distribution. In the basic attack, one particular ciphertext difference is expected to be especially frequent; in this way, the cipher can be distinguished from random. More sophisticated variations allow the key to be recovered faster than exhaustive search. A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ... In cryptography, encryption is the process of obscuring information to make it unreadable without special knowledge. ... The plain text term has a different meaning. ... The known-plaintext attack is a cryptanalytic attack in which the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... In cryptography, a ciphertext-only attack is a form of cryptanalysis where the attacker is assumed to have access only to a set of ciphertexts. ... 5 - 2 = 3 Subtraction is one of the four basic arithmetic operations; it is essentially the opposite of addition. ... Exclusive disjunction (usual symbol xor) is a logical operator that results in true if one of the operands (not both) is true. ... This article is about algorithms for encryption and decryption. ... It has been suggested that random number be merged into this article or section. ... The EFFs US$250,000 DES cracking machine contained over 18,000 custom chips and could brute force a DES key in a matter of days — the photograph shows a DES Cracker circuit board fitted with several Deep Crack chips In cryptanalysis, a brute force attack is a method...


For any particular cipher, the input difference must be carefully selected if the attack is to be successful. An analysis of the algorithm's internals is undertaken; the standard method is to trace a path of highly probable differences through the various stages of encryption, termed a differential characteristic.


Since differential cryptanalysis became public knowledge, it has become a basic concern of cipher designers. New designs are expected to be accompanied by evidence that the algorithm is resistant to this attack, and many, including the Advanced Encryption Standard, have been proved to be secure against the attack. General Designer(s) Vincent Rijmen and Joan Daemen First published 1998 Derived from Square (cipher) Cipher(s) based on this design Crypton (cypher), Anubis (cipher), GRAND CRU Algorithm detail Block size(s) 128 bits note Key size(s) 128, 192 or 256 bits note Structure Substitution-permutation network Number of... In mathematics, a proof is a demonstration that, given certain axioms, some statement of interest is necessarily true. ...


Specialized types

In cryptography, higher-order differential cryptanalysis is a generalisation of differential cryptanalysis, an attack against block ciphers. ... This page meets Wikipedias criteria for speedy deletion. ...

See also

Cryptography has had a long and colourful history. ... In cryptography, linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the action of a cipher. ...

References

  • Eli Biham, Adi Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer Verlag, 1993. ISBN 0-387-97930-1, ISBN 3-540-97930-1.
  • Biham, E. and A. Shamir. (1990). Differential Cryptanalysis of DES-like Cryptosystems. Advances in Cryptology — CRYPTO '90. Springer-Verlag. 2–21.
  • Eli Biham, Adi Shamir,"Differential Cryptanalysis of the Full 16-Round DES," CS 708, Proceedings of CRYPTO '92, Volume 740 of Lecture Notes in Computer Science, December 1991.

http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1991/CS/CS0708.ps

  • Coppersmith, Don. (1994). The data encryption standard (DES) and its strength against attacks. IBM Journal of Research and Development, 38(3), 243–250. [1]

External links


Block ciphers edit
Algorithms: 3-Way | AES | Akelarre | Anubis | Blowfish | Camellia | CAST-128 | CAST-256 | CMEA | CS-Cipher | DEAL | DES | DES-X | FEAL | FOX | FROG | G-DES | GOST | ICE | IDEA | Iraqi | KASUMI | KHAZAD | Khufu and Khafre | LOKI89/91 | LOKI97 | Lucifer | MacGuffin | Madryga | MAGENTA | MARS | MISTY1 | MMB | NewDES | Noekeon | RC2 | RC5 | RC6 | REDOC | Red Pike | S-1 | SAFER | SEED | Serpent | SHACAL | SHARK | Skipjack | Square | TEA | Triple DES | Twofish | XTEA
Design: Feistel network | Key schedule | Product cipher | S-box | SPN   Attacks: Brute force | Linear / Differential cryptanalysis | Mod n | Related key | XSL   Standardization: AES process | CRYPTREC | NESSIE   Misc: Avalanche effect | Block size | IV | Key size | Modes of operation | Piling-up lemma | Weak key

  Results from FactBites:
 
Differential cryptanalysis - definition of Differential cryptanalysis in Encyclopedia (617 words)
Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions.
The discovery of differential cryptanalysis is generally attributed to Eli Biham and Adi Shamir in the late 1980s, who published a number of attacks against various block ciphers and hash functions, including a theoretical weakness in the Data Encryption Standard (DES).
Differential cryptanalysis is usually a chosen plaintext attack, meaning that the attacker must be able to obtain encrypted ciphertexts for some set of plaintexts of his choosing.
  More results at FactBites »

 
 

COMMENTARY     


Share your thoughts, questions and commentary here
Your name
Your comments

Want to know more?
Search encyclopedia, statistics and forums:

 


Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms, 1022, m