New results on boomerang and rectangle attacks

Eli Biham, Orr Dunkelman, Nathan Keller

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

71 Scopus citations

Abstract

The boomerang attack is a newand very powerful cryptanalytic technique. However, due to the adaptive chosen plaintext and ciphertext nature of the attack, boomerang key recovery attacks that retrieve key material on both sides of the boomerang distinguisher are hard to mount.We also present a method for using a boomerang distinguisher, which enables retrieving subkey bits on both sides of the boomerang distinguisher. The rectangle attack evolved from the boomerang attack.In this paper we present a new algorithm which improves the results of the rectangle attack. Using these improvements we can attack 3.5-round SC2000 with 267 adaptive chosen plaintexts and ciphertexts, and 10-round Serpent with time complexity of 2173.8 memory accesses (which are equivalent to 2165.3 Serpent encryptions) with data complexity of 2126.3 chosen plaintexts.

Original languageEnglish
Title of host publicationFast Software Encryption - 9th International Workshop, FSE 2002, Revised Papers
EditorsJoan Daemen, Vincent Rijmen
PublisherSpringer Verlag
Pages1-16
Number of pages16
ISBN (Print)9783540440093
DOIs
StatePublished - 2002
Externally publishedYes
Event9th International Workshop on Fast Software Encryption, FSE 2002 - Leuven, Belgium
Duration: 4 Feb 20026 Feb 2002

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2365
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference9th International Workshop on Fast Software Encryption, FSE 2002
Country/TerritoryBelgium
CityLeuven
Period4/02/026/02/02

Bibliographical note

Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 2002.

Funding

FundersFunder number
European Commission

    Fingerprint

    Dive into the research topics of 'New results on boomerang and rectangle attacks'. Together they form a unique fingerprint.

    Cite this