TY - GEN
T1 - New cryptanalytic results on IDEA
AU - Biham, Eli
AU - Dunkelman, Orr
AU - Keller, Nathan
PY - 2006
Y1 - 2006
N2 - IDEA is a 64-bit block cipher with 128-bit keys introduced by Lai and Massey in 1991. IDEA is one of the most widely used block ciphers, due to its inclusion in several cryptographic packages, such as PGP and SSH. The cryptographic strength of IDEA relies on a combination of three incompatible group operations - XOR, addition and modular multiplication. Since its introduction in 1991, IDEA has withstood extensive cryptanalytic effort, but no attack was found on the full variant of the cipher. In this paper we present the first known non-trivial relation that involves all the three operations of IDEA. Using this relation and other techniques, we devise a linear attack on 5-round IDEA that uses 219 known plaintexts and has a time complexity of 2103 encryptions. By transforming the relation into a related-key one, a similar attack on 7.5-round IDEA can be applied with data complexity of 243.5 known plaintexts and a time complexity equivalent to 2 115.1 encryptions. Both of the attacks are by far the best known attacks on IDEA
AB - IDEA is a 64-bit block cipher with 128-bit keys introduced by Lai and Massey in 1991. IDEA is one of the most widely used block ciphers, due to its inclusion in several cryptographic packages, such as PGP and SSH. The cryptographic strength of IDEA relies on a combination of three incompatible group operations - XOR, addition and modular multiplication. Since its introduction in 1991, IDEA has withstood extensive cryptanalytic effort, but no attack was found on the full variant of the cipher. In this paper we present the first known non-trivial relation that involves all the three operations of IDEA. Using this relation and other techniques, we devise a linear attack on 5-round IDEA that uses 219 known plaintexts and has a time complexity of 2103 encryptions. By transforming the relation into a related-key one, a similar attack on 7.5-round IDEA can be applied with data complexity of 243.5 known plaintexts and a time complexity equivalent to 2 115.1 encryptions. Both of the attacks are by far the best known attacks on IDEA
UR - http://www.scopus.com/inward/record.url?scp=55749108795&partnerID=8YFLogxK
U2 - 10.1007/11935230_27
DO - 10.1007/11935230_27
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:55749108795
SN - 3540494758
SN - 9783540494751
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 412
EP - 427
BT - Advances in Cryptology - ASIACRYPT 2006 - 12th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
T2 - 12th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2006
Y2 - 3 December 2006 through 7 December 2006
ER -