Known-key distinguishing attack
In cryptography, a known-key distinguishing attack is an attack model against symmetric ciphers, whereby an attacker who knows the key can find a structural property in cipher, where the transformation from plaintext to ciphertext is not random. There is no common formal definition for what such a transformation may be. The chosen-key distinguishing attack is strongly related, where the attacker can choose a key to introduce such transformations.
These attacks do not directly compromise the confidentiality of ciphers, because in a classical scenario, the key is unknown to the attacker. Known-/chosen-key distinguishing attacks apply in the "open key model" instead. They are known to be applicable in some situations where block ciphers are converted to hash functions, leading to practical collision attacks against the hash.
Known-key distinguishing attacks were first introduced in 2007 by Lars Knudsen and Vincent Rijmen in a paper that proposed such an attack against 7 out of 10 rounds of the AES cipher and another attack against a generalized Feistel cipher. Their attack finds plaintext/ciphertext pairs for a cipher with a known key, where the input and output have s least significant bits set to zero, in less than 2s time (where s is fewer than half the block size).
- Elena Andreeva, Andrey Bogdanov, Bart Mennink (8 July 2014). Towards Understanding the Known-Key Security of Block Ciphers. FSE 2014.CS1 maint: uses authors parameter (link)
- Yu Sasaki, Kan Yasuda (2011). Known-Key Distinguishers on 11-Round Feistel and Collision Attacks on Its Hashing Modes (PDF). FSE 2011.CS1 maint: uses authors parameter (link)
- Lars Knudsen, Vincent Rijmen (2007). Known-Key Distinguishers for Some Block Ciphers (PDF). Asiacrypt 2007.CS1 maint: uses authors parameter (link)
- Bruce Schneier (1 September 2010). "More Skein News". Schneier on Security.
- Dmitry Khovratovich; Ivica Nikolic; Christian Rechberger (20 October 2010). "Rotational Rebound Attacks on Reduced Skein". Cite journal requires
- Yaser Esmaeili Salehani, Hadi Ahmadi (2006). "A Chosen-key Distinguishing Attack on Phelix". CiteSeerX 10.1.1.431.3015. Cite journal requires
|journal=(help)CS1 maint: uses authors parameter (link)
- Yu Sasaki, Kan Yasuda. "Formalizing Known-Key "Distinguishers" - New Attacks on Feistel Ciphers" (PDF). Slides from CRYPTO 2010 Rump Session.CS1 maint: uses authors parameter (link)