Abstract
This paper proposes a new higher order differential attack. The higher order differential attack proposed at FSE'97 by Jakobsen and Knudsen used exhaustive search for recovering the last round key. Our new attack improves the complexity to the cost of solving a linear system of equations. As an example we show the higher order differential attack of a CAST cipher with 5 rounds. The required number of chosen plaintexts is 2^17 and the required complexity is less than 2^25 times the computation of the round function. Our experimental results show that the last round key of the CAST cipher with 5 rounds can be recovered in less than 15 seconds on an UltraSPARC station.
References
C.M. Adams, “Constructing Symmetric Ciphers Using the CAST Design Procedure,” Designs, Codes and Cryptography, Vol.12, No.3, Nov., pp.283–316, Kluwer Academic Publishers, 1997.
C.M. Adams, “The CAST-128 Encryption Algorithm,” Request for Comments (RFC) 2144, Network Working Group, Internet Engineering Task Force, May, 1997.
C.M. Adams and S.E. Tavares, “Designing S-boxes for ciphers resistant to differential cryptanalysis,” In Proceedings of the 3rd symposium on State and Progress of Research in Cryptography, pp.181–190, 1993.
E. Biham, “New Types of Cryptanalytic Attacks Using Related Keys,” Advances in Cryptology-EUROCRYPT’93, Lecture Notes in Computer Science 765, pp.398–409, Springer-Verlag, 1994.
E. Biham and A. Shamir, “Differential Cryptanalysis of DES-like Cryptosystems,” Journal of Cryptology, Vol.4, No.1, pp.3–72, Springer-Verlag, 1991.
H.M. Heys and S.E. Tavares, “On the security of the CAST encryption algorithm,” Canadian Conference on Electrical and Computer Engineering, pp.332–335, 1994.
T. Jakobsen and L.R. Knudsen, “The Interpolation Attack on Block Ciphers,” In Preproceedings of Fast Software Encryption Workshop’97, pp.28–40, 1997.
T. Kaneko, “A known-plaintext attack of FEAL-4 based on the system of linear equations on difference (Extended Abstract),” Advances in Cryptology-ASIACRYPT’91, Lecture Notes in Computer Science 739, pp.485–488, Springer-Verlag, 1993.
T. Kaneko, “A Known Plaintext Cryptanalytic Attack of FEAL-4,” (in Japanese), IEICE Trans. Vol.76-A, No.5, May, pp.781–786, 1993.
K. Kiefer, “A New Design Concept for Building Secure Block Ciphers,” In Proceedings of PRAGOCRYPT’96, pp.30–41, CTU Publishing House, 1996.
L.R. Knudsen, “Truncated and Higher Order Differentials,” Fast Software Encryption—Second International Workshop, Lecture Notes in Computer Science 1008, pp.196–211, Springer-Verlag, 1995.
X. Lai, “Higher Order Derivatives and Differential Cryptanalysis,” Communications and Cryptography, pp.227–233, Kluwer Academic Publishers, 1994.
J. Lee, H.M. Heys, and S.E. Tavares, “Resistance of a CAST-Like Encryption Algorithm to Linear and Differential Cryptanalysis,” Designs, Codes and Cryptography, Vol.12, No.3, Nov., pp.267–282, Kluwer Academic Publishers, 1997.
K. Nyberg and L.R. Knudsen, “Provable Security Against a Differential Attack,” Journal of Cryptology, Vol.8, No.1, pp.27–37, Springer-Verlag, 1995.
M. Matsui, “Linear Cryptanalysis Method for DES Cipher,” Advances in Cryptology-EUROCRYPT’93, Lecture Notes in Computer Science 765, pp.386–397, Springer-Verlag, 1994.
V. Rijmen, B. Preneel, and E. De Win, “On Weaknesses of Non-surjective Round Functions,” Designs, Codes and Cryptography, Vol.12, No.3, Nov., pp.253–266, Kluwer Academic Publishers, 1997.
B. Schneier, “Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish),” Fast Software Encryption—Cambridge Security Workshop, Lecture Notes in Computer Science 809, pp.191–204, Springer-Verlag, 1994.
T. Shimoyama, S. Moriai, and T. Kaneko, “Improving the Higher Order Differential Attack and Cryptanalysis of the \( \mathcal{K}\mathcal{N} \) Cipher,” In Pre-Proceedings of 1997 Information Security Workshop, pp.1–8, 1997. (to appear in Lecture Notes in Computer Science, Springer-Verlag)
T. Shimoyama, S. Amada, and S. Moriai, “Improved Fast Software Implementation of Block Ciphers (Extended Abstract),” ICICS’97, Beijing, Nov. 1997, Lecture Notes in Computer Science 1334, pp.269–273, Springer-Verlag, 1997.
© 1998 Springer-Verlag Berlin Heidelberg
Cite this paper
Moriai, S., Shimoyama, T., Kaneko, T. (1998). Higher Order Differential Attack of a CAST Cipher. In: Vaudenay, S. (eds) Fast Software Encryption. FSE 1998. Lecture Notes in Computer Science, vol 1372. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-69710-1_2
DOI: https://doi.org/10.1007/3-540-69710-1_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64265-7
Online ISBN: 978-3-540-69710-7