Improved Meet-in-the-Middle Attacks on Reduced-Round DES
The Data Encryption Standard (DES) is a 64-bit block cipher. Despite its short key size of 56 bits, DES continues to be used to protect financial transactions valued at billions of Euros. In this work, we investigate the strength of DES against attacks that use a limited number of plaintexts and ciphertexts. By mounting meet-in-the-middle attacks on reduced-round DES, we find that up to 6-round DES is susceptible to this kind of attacks.
This is joint work with Gautham Sekar and Bart Preneel
Discussion about the "Right Model" for cryptanalytic attacks
When suggesting a cryptanalytic attack, we try to optimize various parameters:
-
Data complexity (or model: known/chosen/adaptive)
-
Time complexity (according to the computational model: single CPU/multiple CPUs/etc.)
-
Memory complexity (RAM vs. Hard drives)
In this discussion, I would like to explore some of the possibilities for defining "the best" attack, or the most suitable attack.
MitM-handout.ps
Model-handout.ps