Efficient Slide Attacks

Achiya Bar-On, Eli Biham, Orr Dunkelman, Nathan Keller

Research output: Contribution to journalArticlepeer-review

18 Scopus citations


The slide attack, presented by Biryukov and Wagner, has already become a classical tool in cryptanalysis of block ciphers. While it was used to mount practical attacks on a few cryptosystems, its practical applicability is limited, as typically, its time complexity is lower bounded by 2 n (where n is the block size). There are only a few known scenarios in which the slide attack performs better than the 2 n bound. In this paper, we concentrate on efficient slide attacks, whose time complexity is less than 2 n. We present a number of new attacks that apply in scenarios in which previously known slide attacks are either inapplicable, or require at least 2 n operations. In particular, we present the first known slide attack on a Feistel construction with a 3-round self-similarity, and an attack with practical time complexity of 2 40 on a 128-bit key variant of the GOST block cipher with unknown S-boxes. The best previously known attack on the same variant, with known S-boxes (by Courtois), has time complexity of 2 91.

Original languageEnglish
Pages (from-to)641-670
Number of pages30
JournalJournal of Cryptology
Issue number3
StatePublished - 1 Jul 2018

Bibliographical note

Publisher Copyright:
© 2017, International Association for Cryptologic Research.


The authors are grateful to Itai Dinur and Adi Shamir for numerous fruitful discussions. The authors would also like to thank Nicolas Courtois for his useful comments on a draft of the paper. We also would like to thank Erkan Uslu for his comment on this manuscript. The help of the anonymous referees in improving the attacks of this paper is highly appreciated. The first author was partially supported by the Israeli Ministry of Science and Technology and by the Check Point Institute for Information Security, and by the BIU Center for Research in Applied Cryptography and Cyber Security in conjunction with the Israel National Cyber Bureau in the Prime Minister’s Office. The third author was supported in part by the Israel Science Foundation through grants No. 827/12 and No. 1910/12 and in part by the European Commission under Contract ICT-645622 PQCrypto. The fourth author was supported by the Alon Fellowship.

FundersFunder number
BIU Center for Research in Applied Cryptography and Cyber Security
Check Point Institute for Information Security
Prime Minister’s Office
Horizon 2020 Framework Programme645622
European Commission
Israel Science Foundation1910/12, 827/12
Ministry of Education, Science and Technology


    • 1K-AES
    • 3K-DES
    • Cycle structure
    • GOST
    • Slide attacks


    Dive into the research topics of 'Efficient Slide Attacks'. Together they form a unique fingerprint.

    Cite this