论文信息 - Some Thoughts on Time-Memory-Data Tradeoffs

Some Thoughts on Time-Memory-Data Tradeoffs

In this paper we show that Time-Memory tradeoff by Hellman may be extended to Time-Memory-Key tradeoff thus allowing attacks much faster than exhaustive search for ciphers for which typically it is stated that no such attack exists. For example, as a result AES with 128-bit key has only 85-bit security if 2 encryptions of an arbitrary fixed text under different keys are available to the attacker. Such attacks are generic and are more practical than some recent high complexity chosen related-key attacks on round-reduced versions of AES. They constitute a practical threat for any cipher with 80-bit or shorter keys and are marginally practical for 128-bit key ciphers. We also show that UNIX password scheme even with carefully generated passwords is vulnerable to practical tradeoff attacks. Finally we also demonstrate a combination of rainbow tables with the time-memory-data tradeoff which results in a new tradeoff curve.

Alex Biryukov

[1] Palash Sarkar,et al. Time memory tradeoff attacks on streamciphers , 2004 .

[2] Martin E. Hellman,et al. A cryptanalytic time-memory trade-off , 1980, IEEE Trans. Inf. Theory.

[3] Eli Biham,et al. How to decrypt or even substitute DES-encrypted messages in 228 steps , 2002, Inf. Process. Lett..

[4] Ingrid Verbauwhede,et al. Cracking Unix Passwords using FPGA Platforms , 2005 .

[5] Eli Biham,et al. Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials , 1999, Journal of Cryptology.

[6] S. Babbage. Improved “exhaustive search” attacks on stream ciphers , 1995 .

[7] Markku-Juhani O. Saarinen. A Time-Memory Tradeoff Attack Against LILI-128 , 2002, FSE.

[8] Alex Biryukov,et al. Cryptanalytic Time/Memory/Data Tradeoffs for Stream Ciphers , 2000, ASIACRYPT.

[9] Jovan Dj. Golic,et al. Cryptanalysis of Alleged A5 Stream Cipher , 1997, EUROCRYPT.

[10] Philippe Oechslin,et al. Making a Faster Cryptanalytic Time-Memory Trade-Off , 2003, CRYPTO.

[11] Palash Sarkar,et al. Rediscovery of Time Memory Tradeoffs , 2005, IACR Cryptol. ePrint Arch..