论文信息 - An improvement of Davies’ attack on DES

An improvement of Davies’ attack on DES

In this paper we improve Davies’ attack [2] on DES to become capable of breaking the full 16-round DES faster than the exhaustive search. Our attack requires 250 known plaintexts and 250 complexity of analysis. If independent subkeys are used, a variant of this attack can find 26 bits out of the 768 key bits using 252 known plaintexts. All the 768 bits of the subkeys can be found using 260 known plaintexts. The data analysis requires only several minutes on a SPARC workstation. Therefore, this is the third successful attack on DES, faster than brute force, after differential cryptanalysis [1] and linear cryptanalysis [5]. We also suggest criteria which make the S-boxes immune to this attack.

Eli Biham | Alex Biryukov | A. Biryukov | E. Biham

[1] Sean Murphy,et al. Pairs and triplets of DES S-boxes , 2004, Journal of Cryptology.

[2] Mitsuru Matsui,et al. Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.

[3] Eli Biham,et al. Differential Cryptanalysis of the Data Encryption Standard , 1993, Springer New York.