Algebraic Attacks on Block Ciphers
James Muir
jamuir at scs.carleton.ca
Thu May 25 10:43:39 EDT 2006
This may interest some list members:
http://eprint.iacr.org/2006/168
Cryptology ePrint Archive: Report 2006/168
How Fast can be Algebraic Attacks on Block Ciphers ?
Nicolas T. Courtois
Abstract. In this paper we give a specification of a new block cipher
that can be called the Courtois Toy Cipher (CTC). It is quite simple,
and yet very much like any other known block cipher. If the parameters
are large enough, it should evidently be secure against all known attack
methods. However, we are not proposing a new method for encrypting
sensitive data, but rather a research tool that should allow us (and
other researchers) to experiment with algebraic attacks on block ciphers
and obtain interesting results using a PC with reasonable quantity of
RAM. For this reason the S-box of this cipher has only 3-bits, which is
quite small. Ciphers with very small S-boxes are believed quite secure,
for example the Serpent S-box has only 4 bits, and in DES all the
S-boxes have 4 output bits. The AES S-box is not quite as small but can
be described (in many ways) by a very small systems of equations with
only a few monomials (and this fact can also be exploited in algebraic
cryptanalysis). We believe that results on algebraic cryptanalysis of
this cipher will have very deep implications for the security of ciphers
in general.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list