Improbable differential cryptanalysis
Date
2014
Author
Tezcan, Cihangir
Abstract
We present a new statistical cryptanalytic technique that we call improbable differential cryptanalysis, which uses a differential that is less probable when the correct key is used. We provide data complexity estimates for this kind of attack, and we also show a method to expand impossible differentials into improbable differentials. By using this expansion method, we cryptanalyze 13-, 14-, and 15-round CLEFIA for the key sizes of 128, 192, and 256 bits, respectively. These are the best cryptanalytic results on CLEFIA to date. We introduce a new criterion for evaluating S-boxes that we call undisturbed bits and attack PRESENT and Serpent by exploiting their S-boxes. Without using undisturbed bits, the longest improbable differential attack we could find for PRESENT had a length of 7 rounds. However, we show that PRESENT has 6 undisturbed bits and, by using them, we can construct 10-round improbable differentials and attack PRESENT reduced to 13 rounds. Similarly, without using undisturbed bits, the longest impossible differential we could find on Serpent had a length of 3.5 rounds. However, we obtained four 5.5-round impossible differentials on Serpent and provide a 7-round improbable differential attack. Hence, undisturbed bits should be avoided by S-box designers. Moreover, we provide a second S-box property that we call differential factors. A key recovery attack may not capture the whole subkey corresponding to an S-box with a differential factor. This helps the attacker to guess fewer subkey bits and reduce the time complexity of the attack. By using differential factors, we show that the 10-, 11-, and 12-round differential-linear attacks of Dunkelman et al. on Serpent can actually be performed with time complexities reduced by a factor of 4, 4, and 8, respectively. Furthermore, we slightly reduce the data complexity of these attacks by changing the differential to a more probable one, but end up with an attack with higher time complexity.
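The two S-box properties named in the abstract can be checked mechanically from the S-box table alone. The Python script below is an added example, not code from the thesis: it tests PRESENT's published 4-bit S-box (C56B90AD3EF84712) for undisturbed bits, in both the S-box and its inverse, and for differential factors. It assumes the definitions stated in its docstring: an undisturbed bit is a bit of the output difference that is constant for a fixed input difference, and λ is a differential factor for output difference μ when every input pair with output difference μ still has output difference μ after both inputs are XORed with λ. Counting both directions reproduces the total of 6 undisturbed bits the abstract reports for PRESENT (the assumption being that the thesis total covers the S-box and its inverse); the differential factor (λ = 1, μ = 5) the script reports for PRESENT is its own computation, not a result quoted from this page.

```python
"""Undisturbed bits and differential factors of a 4-bit S-box.

Added example, not code from the thesis. The S-box is PRESENT's published
4-bit S-box; the two property definitions are the ones assumed here:

* undisturbed bit: for a fixed input difference, one bit of the output
  difference takes the same value for every input pair (checked for the
  S-box and, via output-to-input differences, for its inverse);
* differential factor: a value lam such that whenever S(x) ^ S(y) == mu
  we also have S(x ^ lam) ^ S(y ^ lam) == mu, so a key-recovery step that
  filters on mu cannot tell subkey k from k ^ lam.
"""
from itertools import product

# PRESENT S-box (C56B90AD3EF84712) as published in the cipher specification.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def invert(sbox):
    """Inverse of a bijective S-box given as a lookup table."""
    inv = [0] * len(sbox)
    for x, y in enumerate(sbox):
        inv[y] = x
    return inv


def undisturbed_bits(sbox):
    """Return {(input_diff, bit_index): bit_value} for every undisturbed bit.

    bit_index 0 is the least significant bit of the output difference.
    """
    n = len(sbox)
    width = n.bit_length() - 1  # 4 for a 16-entry S-box
    found = {}
    for delta in range(1, n):
        # All output differences reachable from input difference delta.
        out_diffs = {sbox[x] ^ sbox[x ^ delta] for x in range(n)}
        for bit in range(width):
            values = {(d >> bit) & 1 for d in out_diffs}
            if len(values) == 1:  # the same bit value for every pair
                found[(delta, bit)] = values.pop()
    return found


def count_undisturbed_bits(sbox):
    """Total over the S-box and its inverse (assumed counting convention)."""
    return len(undisturbed_bits(sbox)) + len(undisturbed_bits(invert(sbox)))


def differential_factors(sbox):
    """Return the set of (lam, mu) pairs where lam is a differential factor of mu."""
    n = len(sbox)
    factors = set()
    for lam, mu in product(range(1, n), range(1, n)):
        # lam fails as soon as one pair with output difference mu loses it
        # when both inputs are shifted by lam.
        ok = all(
            sbox[x ^ lam] ^ sbox[y ^ lam] == mu
            for x, y in product(range(n), repeat=2)
            if sbox[x] ^ sbox[y] == mu
        )
        if ok:
            factors.add((lam, mu))
    return factors


if __name__ == "__main__":
    fwd = undisturbed_bits(PRESENT_SBOX)
    inv = undisturbed_bits(invert(PRESENT_SBOX))
    print("S-box undisturbed bits (input diff, bit) -> value:", fwd)
    print("inverse S-box undisturbed bits:", inv)
    print("total:", len(fwd) + len(inv))
    print("differential factors (lam, mu):", sorted(differential_factors(PRESENT_SBOX)))
```

The script reports that input differences 1, 8 and 9 fix the least significant output-difference bit (to 1, 1 and 0), and that output differences 1, 4 and 5 fix the least significant input-difference bit in the same way; a truncated differential that only needs that one bit therefore holds with probability one through the S-box, which is what lets undisturbed bits extend impossible and improbable differentials. For the differential factor, a key-recovery filter on output difference 5 accepts a subkey guess k and k ⊕ 1 alike, so the attacker need not guess the bit that distinguishes them; this is the subkey-bit saving the abstract describes.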
Subject Keywords
Data encryption (Computer science); Cryptography; Ciphers
URI
http://etd.lib.metu.edu.tr/upload/12617359/index.pdf
https://hdl.handle.net/11511/23581
Collections
Graduate School of Applied Mathematics, Thesis
Suggestions
The Improbable Differential Attack: Cryptanalysis of Reduced Round CLEFIA
Tezcan, Cihangir (2010-01-01)
In this paper we present a new statistical cryptanalytic technique that we call improbable differential cryptanalysis which uses a differential that is less probable when the correct key is used. We provide data complexity estimates for this kind of attacks and we also show a method to expand impossible differentials to improbable differentials. By using this expansion method, we cryptanalyze 13, 14, and 15-round CLEFIA for the key sizes of length 128, 192, and 256 bits, respectively. These are the best cry...
Improbable differential attacks on SERPENT using undisturbed bits
Tezcan, Cihangir; Demircioğlu, Murat (2014-01-01)
A recently introduced S-box evaluation criteria called undisturbed bits allow the attacker to construct longer truncated, impossible or improbable differentials. In this paper, we analyze the security of Serpent against impossible and improbable differential cryptanalysis for the first time and provide a 7-round improbable differential attack by using undisturbed bits of its S-boxes. Although these cryptanalytic techniques are discovered after Serpent was designed, our analysis shows that the cipher is secu...
Modular exponentiation methods in cryptography
Yünüak, Hasan Bartu; Cenk, Murat; Department of Cryptography (2017)
Modular exponentiation has an important role in many cryptographic algorithms. These exponentiation methods differ in the bases used and their representations, the repeating aspect, and which algorithms they are used for: fixed or variable base. Our research aims to compare the efficiencies and implementation timings for some selected algorithms. Also, we look at the options for using a dedicated cubing algorithm, and compare them with the current algorithms.
A Genetic Isometric Shape Correspondence Algorithm with Adaptive Sampling
Sahillioğlu, Yusuf (2018-11-01)
We exploit the permutation creation ability of genetic optimization to find the permutation of one point set that puts it into correspondence with another one. To this end, we provide a genetic algorithm for the 3D shape correspondence problem, which is the main contribution of this article. As another significant contribution, we present an adaptive sampling approach that relocates the matched points based on the currently available correspondence via an alternating optimization. The point sets to be match...
Large sparse matrix-vector multiplication over finite fields
Mangır, Ceyda; Cenk, Murat; Manguoğlu, Murat; Department of Cryptography (2019)
Cryptographic computations such as factoring integers and computing discrete logarithms require solving a large sparse system of linear equations over finite fields. When dealing with such systems iterative solvers such as Wiedemann or Lanczos algorithms are used. The computational cost of both methods is often dominated by successive matrix-vector products. In this thesis, we introduce a new algorithm for computing a large sparse matrix-vector multiplication over finite fields. The proposed algorithm is im...
Citation (IEEE)
C. Tezcan, “Improbable differential cryptanalysis,” Ph.D. - Doctoral Program, Middle East Technical University, 2014.