Narrow-Bicliques: Cryptanalysis of Full IDEA

Publication: Research - peer-reviewConference article – Annual report year: 2012

Standard

Narrow-Bicliques: Cryptanalysis of Full IDEA. / Khovratovich, D.; Leurent, G.; Rechberger, C.

In: Lecture Notes in Computer Science, Vol. 7237, 2012, p. 392-410.

Publication: Research - peer-reviewConference article – Annual report year: 2012

Harvard

APA

CBE

MLA

Vancouver

Author

Khovratovich, D.; Leurent, G.; Rechberger, C. / Narrow-Bicliques: Cryptanalysis of Full IDEA.

In: Lecture Notes in Computer Science, Vol. 7237, 2012, p. 392-410.

Publication: Research - peer-reviewConference article – Annual report year: 2012

Bibtex

@article{afb890dfda3647af9757d9e619afc1bb,
title = "Narrow-Bicliques: Cryptanalysis of Full IDEA",
publisher = "Springer",
author = "D. Khovratovich and G. Leurent and C. Rechberger",
year = "2012",
doi = "10.1007/978-3-642-29011-4_24",
volume = "7237",
pages = "392--410",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",

}

RIS

TY - CONF

T1 - Narrow-Bicliques: Cryptanalysis of Full IDEA

A1 - Khovratovich,D.

A1 - Leurent,G.

A1 - Rechberger,C.

AU - Khovratovich,D.

AU - Leurent,G.

AU - Rechberger,C.

PB - Springer

PY - 2012

Y1 - 2012

N2 - We apply and extend the recently introduced biclique framework to IDEA and for the first time describe an approach to noticeably speed-up key-recovery for the full 8.5 round IDEA.We also show that the biclique approach to block cipher cryptanalysis not only obtains results on more rounds, but also improves time and data complexities over existing attacks. We consider the first 7.5 rounds of IDEA and demonstrate a variant of the approach that works with practical data complexity. The conceptual contribution is the narrow-bicliques technique: the recently introduced independent-biclique approach extended with ways to allow for a significantly reduced data complexity with everything else being equal. For this we use available degrees of freedom as known from hash cryptanalysis to narrow the relevant differential trails. Our cryptanalysis is of high computational complexity, and does not threaten the practical use of IDEA in any way, yet the techniques are practically verified to a large extent.<br/>

AB - We apply and extend the recently introduced biclique framework to IDEA and for the first time describe an approach to noticeably speed-up key-recovery for the full 8.5 round IDEA.We also show that the biclique approach to block cipher cryptanalysis not only obtains results on more rounds, but also improves time and data complexities over existing attacks. We consider the first 7.5 rounds of IDEA and demonstrate a variant of the approach that works with practical data complexity. The conceptual contribution is the narrow-bicliques technique: the recently introduced independent-biclique approach extended with ways to allow for a significantly reduced data complexity with everything else being equal. For this we use available degrees of freedom as known from hash cryptanalysis to narrow the relevant differential trails. Our cryptanalysis is of high computational complexity, and does not threaten the practical use of IDEA in any way, yet the techniques are practically verified to a large extent.<br/>

KW - Block ciphers

KW - Bicliques

KW - Meet-in-the-middle

KW - IDEA

KW - Key recovery.

U2 - 10.1007/978-3-642-29011-4_24

DO - 10.1007/978-3-642-29011-4_24

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

VL - 7237

SP - 392

EP - 410

ER -