Narrow-Bicliques: Cryptanalysis of Full IDEA

We apply and extend the recently introduced biclique framework to IDEA and, for the first time, describe an approach that noticeably speeds up key recovery for the full 8.5-round IDEA. We also show that the biclique approach to block cipher cryptanalysis not only obtains results on more rounds, but also improves time and data complexities over existing attacks. We consider the first 7.5 rounds of IDEA and demonstrate a variant of the approach that works with practical data complexity. The conceptual contribution is the narrow-bicliques technique: the recently introduced independent-biclique approach extended with ways to allow for a significantly reduced data complexity, all else being equal. For this we use available degrees of freedom, as known from hash cryptanalysis, to narrow the relevant differential trails. Our cryptanalysis is of high computational complexity and does not threaten the practical use of IDEA in any way, yet the techniques are practically verified to a large extent.
