The slide attack, presented by Biryukov and Wagner, has already become a classical tool in cryptanalysis of block ciphers. While it was used to mount practical attacks on a few cryptosystems, its practical applicability is limited, as typically, its time complexity is lower bounded by 2 n (where n is the block size). There are only a few known scenarios in which the slide attack performs better than the 2 n bound. In this paper, we concentrate on efficient slide attacks, whose time complexity is less than 2 n. We present a number of new attacks that apply in scenarios in which previously known slide attacks are either inapplicable, or require at least 2 n operations. In particular, we present the first known slide attack on a Feistel construction with a 3-round self-similarity, and an attack with practical time complexity of 2 40 on a 128-bit key variant of the GOST block cipher with unknown S-boxes. The best previously known attack on the same variant, with known S-boxes (by Courtois), has time complexity of 2 91.
|Number of pages||30|
|Journal||Journal of Cryptology|
|State||Published - 1 Jul 2018|
Bibliographical noteFunding Information:
The authors are grateful to Itai Dinur and Adi Shamir for numerous fruitful discussions. The authors would also like to thank Nicolas Courtois for his useful comments on a draft of the paper. We also would like to thank Erkan Uslu for his comment on this manuscript. The help of the anonymous referees in improving the attacks of this paper is highly appreciated. The first author was partially supported by the Israeli Ministry of Science and Technology and by the Check Point Institute for Information Security, and by the BIU Center for Research in Applied Cryptography and Cyber Security in conjunction with the Israel National Cyber Bureau in the Prime Minister’s Office. The third author was supported in part by the Israel Science Foundation through grants No. 827/12 and No. 1910/12 and in part by the European Commission under Contract ICT-645622 PQCrypto. The fourth author was supported by the Alon Fellowship.
© 2017, International Association for Cryptologic Research.
- Cycle structure
- Slide attacks