论文信息 - Improved Time-Memory Trade-Offs with Multiple Data

Improved Time-Memory Trade-Offs with Multiple Data

In this paper we study time/memory/data trade-off attacks from two points of view. We show that Time-Memory trade-off (TMTO) by Hellman may be extended to Time/Memory/Key trade-off. For example, AES with 128-bit key has only 85-bit security if 243 encryptions of an arbitrary fixed text under different keys are available to the attacker. Such attacks are generic and are more practical than some recent high complexity chosen related-key attacks on round-reduced versions of AES. They constitute a practical threat for any cipher with 80-bit or shorter keys and are marginally practical for 128-bit key ciphers. We show that UNIX password scheme even with carefully generated passwords is vulnerable to practical trade-off attacks. Our second contribution is to present a unifying framework for the analysis of multiple data trade-offs. Both Babbage-Golic (BG) and Biryukov-Shamir (BS) formulas can be obtained as special cases of this framework. Moreover we identify a new class of single table multiple data trade-offs which cannot be obtained either as BG or BS trade-off. Finally we consider the analysis of the rainbow method of Oechslin and show that for multiple data, the TMTO curve of the rainbow method is inferior to the TMTO curve of the Hellman method.

[1] Ingrid Verbauwhede,et al. Cracking Unix Passwords using FPGA Platforms , 2005 .

[2] Alex Biryukov,et al. Real Time Cryptanalysis of A5/1 on a PC , 2000, FSE.

[3] Jean-Didier Legat,et al. A Cryptanalytic Time-Memory Tradeoff: First FPGA Implementation , 2002, FPL.

[4] Eli Biham,et al. Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials , 1999 .

[5] Alex Biryukov,et al. Cryptanalytic Time/Memory/Data Tradeoffs for Stream Ciphers , 2000, ASIACRYPT.

[6] Markku-Juhani O. Saarinen. A Time-Memory Tradeoff Attack Against LILI-128 , 2002, FSE.

[7] Philippe Oechslin,et al. Making a Faster Cryptanalytic Time-Memory Trade-Off , 2003, CRYPTO.

[8] Palash Sarkar,et al. Time memory tradeoff attacks on streamciphers , 2004 .

[9] Eli Biham,et al. How to Forge DES-Encrypted Messages in $2^{28}$ Steps , 1996 .

[10] S. Babbage. Improved “exhaustive search” attacks on stream ciphers , 1995 .

[11] Jovan Dj. Golic,et al. Cryptanalysis of Alleged A5 Stream Cipher , 1997, EUROCRYPT.

[12] Eli Biham,et al. How to decrypt or even substitute DES-encrypted messages in 228 steps , 2002, Inf. Process. Lett..

[13] Palash Sarkar,et al. Rediscovery of Time Memory Tradeoffs , 2005, IACR Cryptol. ePrint Arch..