The Delicate Issues of Addition with Respect to XOR Differences

In this paper we analyze the previous attacks on the block cipher SHACAL-1 and show that all the differential-based attacks fail due to mistreatment of XOR differences through addition. We show that the previously published differential and rectangle attacks on SHACAL-1 fail as some of the underlying differentials are impossible. The related-key rectangle attacks on the cipher generally fail, but if some conditions are imposed on the key (i.e., for a weak key class) they work. After identifying the flaws in previous attacks, we present possible fixes to these attacks. We then present some modified differentials which lead to a related-key rectangle attack which can be applied to 2^504 weak keys. Our observations are then used to improve a related-key rectangle attack on IDEA by a factor of 2.
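The abstract's central point is that an XOR difference does not pass through modular addition deterministically: a given (input difference, output difference) pair holds only with some probability, and for some pairs that probability is zero, which is what makes a differential "impossible". The following added example (not code from the paper or its authors) makes that concrete. It assumes the Lipmaa-Moriai closed form for the XOR-differential probability of addition, xdp+(alpha, beta -> gamma), and checks it against an exhaustive count on a small word size so the two can be compared directly; the word size n is a parameter, and the small n used for the exhaustive check is a choice made here for speed.

```python
# Added example, not from the paper: XOR-differential probability of
# modular addition, computed by the Lipmaa-Moriai closed form and by
# exhaustive counting, so that impossible differentials show up as 0.
#
# Assumption: the closed form below is the Lipmaa-Moriai formula for
# xdp+ (FSE 2001). Word size n is a parameter; the brute force is only
# meant for small n.

from fractions import Fraction


def eq(x: int, y: int, z: int, n: int) -> int:
    """Bit i of the result is 1 exactly when bit i of x, y and z all agree."""
    mask = (1 << n) - 1
    return (~(x ^ y) & ~(x ^ z)) & mask


def xdp_add(alpha: int, beta: int, gamma: int, n: int) -> Fraction:
    """Probability over random x, y that
    ((x ^ alpha) + (y ^ beta)) ^ (x + y) == gamma  (mod 2^n).

    Lipmaa-Moriai: the differential is impossible unless
        eq(alpha<<1, beta<<1, gamma<<1) & (alpha ^ beta ^ gamma ^ (beta<<1)) == 0,
    otherwise it holds with probability 2^-w, where w is the number of
    non-MSB bit positions at which alpha, beta and gamma do not all agree.
    """
    mask = (1 << n) - 1
    a1, b1, g1 = (alpha << 1) & mask, (beta << 1) & mask, (gamma << 1) & mask
    if eq(a1, b1, g1, n) & (alpha ^ beta ^ gamma ^ b1) & mask:
        return Fraction(0)  # carries can never produce this output difference
    disagree = (~eq(alpha, beta, gamma, n)) & (mask >> 1)  # ignore the MSB
    return Fraction(1, 1 << bin(disagree).count("1"))


def xdp_add_bruteforce(alpha: int, beta: int, gamma: int, n: int) -> Fraction:
    """Ground truth: count the (x, y) pairs for which the differential holds."""
    mask = (1 << n) - 1
    hits = 0
    for x in range(1 << n):
        for y in range(1 << n):
            if ((((x ^ alpha) + (y ^ beta)) ^ (x + y)) & mask) == gamma:
                hits += 1
    return Fraction(hits, 1 << (2 * n))


def formula_matches_bruteforce(n: int) -> bool:
    """Check the closed form against counting for every (alpha, beta, gamma)."""
    words = range(1 << n)
    return all(
        xdp_add(a, b, g, n) == xdp_add_bruteforce(a, b, g, n)
        for a in words for b in words for g in words
    )


if __name__ == "__main__":
    # A one-bit difference in one addend passes through with probability 1/2 ...
    print("xdp+(1, 0 -> 1) =", xdp_add(1, 0, 1, 8))
    # ... while the same difference in both addends can never stay as 1,
    # because the low bits of the two sums are always equal.
    print("xdp+(1, 1 -> 1) =", xdp_add(1, 1, 1, 8))
    print("xdp+(1, 1 -> 0) =", xdp_add(1, 1, 0, 8))
    print("closed form agrees with counting for n=4:", formula_matches_bruteforce(4))
```

The useful habit this encodes is to never assume an XOR difference survives an addition unchanged: run the pair through `xdp_add` (or the brute force when the word is small) and treat a zero result as a differential that cannot occur, which is exactly the kind of check that, per the abstract, would have flagged the flawed characteristics.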
