Abstract
The slide attack, presented by Biryukov and Wagner, has already become a classical tool in cryptanalysis of block ciphers. While it was used to mount practical attacks on a few cryptosystems, its practical applicability is limited, as typically, its time complexity is lower bounded by 2 n (where n is the block size). There are only a few known scenarios in which the slide attack performs better than the 2 n bound. In this paper, we concentrate on efficient slide attacks, whose time complexity is less than 2 n. We present a number of new attacks that apply in scenarios in which previously known slide attacks are either inapplicable, or require at least 2 n operations. In particular, we present the first known slide attack on a Feistel construction with a 3-round self-similarity, and an attack with practical time complexity of 2 40 on a 128-bit key variant of the GOST block cipher with unknown S-boxes. The best previously known attack on the same variant, with known S-boxes (by Courtois), has time complexity of 2 91.
| Original language | English |
|---|---|
| Pages (from-to) | 641-670 |
| Number of pages | 30 |
| Journal | Journal of Cryptology |
| Volume | 31 |
| Issue number | 3 |
| DOIs | |
| State | Published - 1 Jul 2018 |
Keywords
- 1K-AES
- 3K-DES
- Cycle structure
- GOST
- Slide attacks
All Science Journal Classification (ASJC) codes
- Software
- Computer Science Applications
- Applied Mathematics