Types of Cryptanalysis
I.
Differential
cryptanalysis
II.
Linear
cryptanalysis
The prime concern with DES is its
vulnerability to brute-force attack because of its relatively short key length
i.e. 56 bits. So it is possible that DES may face many crypt-analytic attacks.
I.
Differential
cryptanalysis
This attack is very complex. The overall strategy of
differential cryptanalysis is based on the single round (which we discuss in
the next paragraph). The procedure is begin with two plain text messages M and
M’ with a given difference and trace through a probable pattern or differences
after each round for the cipher text.
We
begin with a change in notation for DES. Consider the original plain text block
M is divided into two halves M0 and M1. Each round of DES
maps the right hand input into the left hand output and sets the right hand
output to be a function of left hand input. And the sub key is used for the
round. So at each round only one new 32 block is created.
Equation
is :
Mi+1
= Mi-1 XOR f (Mi ,Ki)
II.
Linear
cryptanalysis
It is a more recent development. This attack is
based on finding linear approximation to describe the transformation performed
in DES. This method can find a DES key given 247 known plain
text. As compare to 247 chosen plain text for differential
cryptanalysis although this is a minor development because it may be easy to
acquire known plain text rather than chosen plain text. So the linear
cryptanalysis is infeasible as an attack on DES.
For a
cipher with n bit plain text and
cipher text blocks and m bit key so
the plain text block will be a set of –
P=P[1],P[2],P[3],...........,P[n]
And the cipher text will be a set of –
C=C[1],C[2],C[3],...........,C[n]
And the set of key will be –
K=K[1],K[2],K[3],...........,K[m]
So the effective linear equation in the form of
P[α1,
α2, α3,........, αn] XOR C[β1,
β2, β3,........ ,βn] = K[∝1,∝2,∝3,........,∝m]
Here
α, β & ∝ are
the terms which represent unique bit location.
0 comments:
Post a Comment