Jump to content

Known-key distinguishing attack

Edit links
From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Dcirovic (talk | contribs) at 15:50, 1 June 2016 (clean up using AWB). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In cryptography, a known-key distinguishing attack is an attack model against symmetric ciphers, whereby an attacker who knows the key can find a structural property in cipher, where the transformation from plaintext to ciphertext is not random. There is no common formal definition for what such a transformation may be. The chosen-key distinguishing attack is strongly related, where the attacker can choose a key to introduce such transformations.[1]

These attacks do not directly compromise the confidentiality of ciphers, because in a classical scenario, the key is unknown to the attacker. Known-/chosen-key distinguishing attacks apply in the "open key model" instead.[1] They are known to be applicable in some situations where block ciphers are converted to hash functions, leading to practical collision attacks against the hash.[2]

Known-key distinguishing attacks were first introduced in 2007 by Lars Knudsen and Vincent Rijmen[1] in a paper that proposed such an attack against 7 out of 10 rounds of the AES cipher and another attack against a generalized Feistel cipher. Their attack finds plaintext/ciphertext pairs for a cipher with a known key, where the input and output have s least significant bits set to zero, in less than 2s time (where s is fewer than half the block size).[3]

These attacks have also been applied to reduced-round Threefish (Skein)[4][5] and Phelix.[6]

See also

References

  1. ^ a b c Towards Understanding the Known-Key Security of Block Ciphers. FSE 2014. 8 July 2014. {{cite conference}}: Cite uses deprecated parameter |authors= (help)
  2. ^ Known-Key Distinguishers on 11-Round Feistel and Collision Attacks on Its Hashing Modes (PDF). FSE 2011. 2011. {{cite conference}}: Cite uses deprecated parameter |authors= (help)
  3. ^ Known-Key Distinguishers for Some Block Ciphers (PDF). Asiacrypt 2007. 2007. {{cite conference}}: Cite uses deprecated parameter |authors= (help)
  4. ^ Bruce Schneier (1 September 2010). "More Skein News". Schneier on Security.
  5. ^ Dmitry Khovratovich; Ivica Nikolic; Christian Rechberger (20 October 2010). "Rotational Rebound Attacks on Reduced Skein". {{cite journal}}: Cite journal requires |journal= (help)
  6. ^ "A Chosen-key Distinguishing Attack on Phelix". 2006. {{cite journal}}: Cite journal requires |journal= (help); Cite uses deprecated parameter |authors= (help)

Further reading


Stub icon

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Known-key_distinguishing_attack&oldid=723193380"