Saturday, February 2, 2013

Types of Cryptanalysis


Types of Cryptanalysis
                I.            Differential cryptanalysis
               II.            Linear cryptanalysis
The prime concern with DES is its vulnerability to brute-force attack because of its relatively short key length i.e. 56 bits. So it is possible that DES may face many crypt-analytic attacks.

      I.            Differential cryptanalysis
This attack is very complex. The overall strategy of differential cryptanalysis is based on the single round (which we discuss in the next paragraph). The procedure is begin with two plain text messages M and M’ with a given difference and trace through a probable pattern or differences after each round for the cipher text.
            We begin with a change in notation for DES. Consider the original plain text block M is divided into two halves M0 and M1. Each round of DES maps the right hand input into the left hand output and sets the right hand output to be a function of left hand input. And the sub key is used for the round. So at each round only one new 32 block is created.
      Equation is :
      Mi+1 = Mi-1 XOR f (Mi ,Ki)

   II.            Linear cryptanalysis
It is a more recent development. This attack is based on finding linear approximation to describe the transformation performed in DES. This method can find a DES key given 247 known plain text. As compare to 247 chosen plain text for differential cryptanalysis although this is a minor development because it may be easy to acquire known plain text rather than chosen plain text. So the linear cryptanalysis is infeasible as an attack on DES.
            For a cipher with n bit plain text and cipher text blocks and m bit key so the plain text block will be a set of –
                                    P=P[1],P[2],P[3],...........,P[n]
And the cipher text will be a set of –
                                    C=C[1],C[2],C[3],...........,C[n]
And the set of key will be –
                                    K=K[1],K[2],K[3],...........,K[m]

So the effective linear equation in the form of
P[α1, α2, α3,........, αn] XOR C[β1, β2, β3,........ ,βn] = K[1,2,3,........,m]
Here α, β & are the terms which represent unique bit location.

0 comments:

Post a Comment

Powered by Blogger.