In cryptography, integral cryptanalysis is a cryptanalytic attack that is particularly applicable to block ciphers based on substitution–permutation networks. It was originally designed by Lars Knudsen as a dedicated attack against Square, so it is commonly known as the Square attack. It was also extended to a few other ciphers related to Square: CRYPTON, Rijndael, and SHARK. Stefan Lucks generalized the attack to what he called a ''saturation attack'' and used it to attack Twofish, which is not at all similar to Square, having a radically different Feistel network structure. Forms of integral cryptanalysis have since been applied to a variety of ciphers, including Hierocrypt, IDEA, Camellia, Skipjack, MISTY1, MISTY2, SAFER++, KHAZAD, and ''FOX'' (now called IDEA NXT).

Unlike differential cryptanalysis, which uses pairs of chosen plaintexts with a fixed XOR difference, integral cryptanalysis uses sets or even multisets of chosen plaintexts of which part is held constant and another part varies through all possibilities. For example, an attack might use 256 chosen plaintexts that have all but 8 of their bits the same, but all differ in those 8 bits. Such a set necessarily has an XOR sum of 0, and the XOR sums of the corresponding sets of ciphertexts provide information about the cipher's operation. This contrast between the differences of pairs of texts and the sums of larger sets of texts inspired the name "integral cryptanalysis", borrowing the terminology of calculus.
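
The set-and-sum idea above can be seen on a toy cipher. The following is an added example, not part of the original article: it builds a constructed Square/AES-like SPN (random bijective S-box, AES-style ShiftRows and MixColumns; all function names are hypothetical) and shows that the ciphertext XOR sum of 256 plaintexts differing in one byte is zero after 3 rounds for any key, and no longer zero after 4.

```python
import random
from functools import reduce

# Toy Square/AES-like SPN, constructed for illustration (not a real cipher).
rng = random.Random(1)                      # fixed seed: reproducible S-box
SBOX = list(range(256)); rng.shuffle(SBOX)  # any bijective S-box works

def xtime(a):
    """Multiply by x in GF(2^8) modulo the AES polynomial 0x11B."""
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a

def mix_column(c):
    """AES MixColumns row (2 3 1 1) applied cyclically to a 4-byte column."""
    return [xtime(c[i]) ^ xtime(c[(i + 1) % 4]) ^ c[(i + 1) % 4]
            ^ c[(i + 2) % 4] ^ c[(i + 3) % 4] for i in range(4)]

def round_fn(state, key):
    """SubBytes, ShiftRows, MixColumns, AddRoundKey; state is column-major."""
    s = [SBOX[b] for b in state]
    s = [s[4 * ((col + row) % 4) + row] for col in range(4) for row in range(4)]
    out = []
    for col in range(4):
        out += mix_column(s[4 * col:4 * col + 4])
    return [b ^ k for b, k in zip(out, key)]

def encrypt(block, keys):
    """Initial key whitening followed by one full round per remaining key."""
    state = [b ^ k for b, k in zip(block, keys[0])]
    for k in keys[1:]:
        state = round_fn(state, k)
    return state

def xor_sum(blocks):
    """Bytewise XOR of a collection of 16-byte blocks."""
    return [reduce(lambda a, b: a ^ b, col) for col in zip(*blocks)]

def integral(rounds, seed):
    """Ciphertext XOR sum over 256 plaintexts that differ only in byte 0."""
    r = random.Random(seed)                 # random keys and constant bytes
    keys = [[r.randrange(256) for _ in range(16)] for _ in range(rounds + 1)]
    const = [r.randrange(256) for _ in range(15)]
    plaintexts = [[v] + const for v in range(256)]
    assert xor_sum(plaintexts) == [0] * 16  # the chosen set itself sums to 0
    return xor_sum(encrypt(p, keys) for p in plaintexts)

if __name__ == "__main__":
    print("3 rounds:", integral(3, seed=0))
    print("4 rounds:", integral(4, seed=0))
```

The zero sum after 3 rounds holds for every key and every choice of the 15 constant bytes, which is why it works as a distinguisher for a reduced-round cipher of this shape; the fourth S-box layer destroys it.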