Improved Meet-in-the-Middle Attacks on Reduced-Round DES

The Data Encryption Standard (DES) is a 64-bit block cipher. Despite its short key size of 56 bits, DES continues to be used to protect financial transactions valued at billions of Euros. In this paper, we investigate the strength of DES against attacks that use a limited number of plaintexts and ciphertexts. By mounting meet-in-the-middle attacks on reduced-round DES, we find that up to 6-round DES is susceptible to this kind of attacks. The results of this paper lead to a better understanding on the way DES can be used.

[1]  Martin E. Hellman,et al.  A cryptanalytic time-memory trade-off , 1980, IEEE Trans. Inf. Theory.

[2]  Adi Shamir,et al.  On the Security of DES , 1985, CRYPTO.

[3]  Gregory V. Bard,et al.  Algebraic Cryptanalysis of the Data Encryption Standard , 2007, IMACC.

[4]  Sébastien Kunz-Jacques,et al.  New Improvements of Davies-Murphy Cryptanalysis , 2005, ASIACRYPT.

[5]  Mitsuru Matsui,et al.  Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.

[6]  Christof Paar,et al.  Breaking Ciphers with COPACOBANA - A Cost-Optimized Parallel Code Breaker , 2006, CHES.

[7]  David Chaum,et al.  Crytanalysis of DES with a Reduced Number of Rounds: Sequences of Linear Factors in Block Ciphers , 1985, CRYPTO.

[8]  Lars R. Knudsen,et al.  DES-X (or DESX) , 2005, Encyclopedia of Cryptography and Security.

[9]  Igor A. Semaev,et al.  New Technique for Solving Sparse Equation Systems , 2006, IACR Cryptology ePrint Archive.

[10]  Sean Murphy,et al.  Pairs and triplets of DES S-boxes , 2004, Journal of Cryptology.

[11]  John Gilmore,et al.  Cracking DES - secrets of encryption research, wiretap politics and chip design: how federal agencies subvert privacy , 1998 .

[12]  Eli Biham,et al.  Differential Cryptanalysis of the Data Encryption Standard , 1993, Springer New York.

[13]  Ralph Howard,et al.  Data encryption standard , 1987 .

[14]  D. Chaum,et al.  Cryptanalysis of DES with a reduced number of rounds , 1986, CRYPTO 1986.

[15]  Eli Biham,et al.  An improvement of Davies’ attack on DES , 1994, Journal of Cryptology.

[16]  Christof Paar,et al.  New Lightweight DES Variants , 2007, FSE.

[17]  Toshinobu Kaneko,et al.  Quadratic Relation of S-box and Its Application to the Linear Attack of Full Round DES , 1998, CRYPTO.

[18]  D. Chaum,et al.  Di(cid:11)erential Cryptanalysis of the full 16-round DES , 1977 .

[19]  Whitfield Diffie,et al.  Special Feature Exhaustive Cryptanalysis of the NBS Data Encryption Standard , 1977, Computer.

[20]  Eli Biham,et al.  Differential cryptanalysis of DES-like cryptosystems , 1990, Journal of Cryptology.

[21]  Eli Biham,et al.  Differential Cryptanalysis of the Full 16-Round DES , 1992, CRYPTO.