Mod N Cryptanalysis

In cryptography, mod n cryptanalysis is an attack applicable to block and stream ciphers. It is a form of partitioning cryptanalysis which exploits unevenness in how the cipher operates over equivalence classes (congruence classes) modulo n. The method was first suggested in 1999 by John Kelsey, Bruce Schneier and David Wagner and applied to RC5P (a variant of RC5) and M6 (a family of block ciphers used in the FireWire standard).

Mod 3 analysis of RC5P

For RC5P, analysis was conducted modulo 3. It was observed that the operations in the cipher (rotation and addition, both on 32-bit words) were somewhat biased over congruence classes mod 3. To illustrate the approach, consider left rotation by a single bit:

$$X <<< 1 = \begin{cases} 2X, & \text{if } X < 2^{31} \\ 2X + 1 - 2^{32}, & \text{if } X \geq 2^{31} \end{cases}$$

Then, because $2^{32} \equiv 1 \pmod 3$, we can deduce that $X <<< 1 \equiv 2X \pmod 3$. Thus left rotation by a single bit has a simple description modulo 3. Analysis of other operations (data dependent rotation and modular addition) reveals similar, notable biases. Although there are some theoretical problems analysing the operations in combination, the bias can be detected experimentally for the entire cipher. In (Kelsey et al., 1999), experiments were conducted up to seven rounds, and based on this they conjecture that as many as nineteen or twenty rounds of RC5P can be distinguished from random using this attack. There is also a corresponding method for recovering the secret key.
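The single-bit rotation identity above can be checked numerically. The following added example (not code from the cited paper) also goes beyond the case shown in the text: because 2^32 ≡ 1 (mod 3), rotation by r bits acts as multiplication by 2^r modulo 3, and addition modulo 2^32 differs from integer addition by 0 or -1 modulo 3, never +1. All function names and the sample inputs are constructed for this illustration.

```python
import random

MASK = 0xFFFFFFFF  # 32-bit words, as in RC5P


def rotl32(x, r):
    """Rotate the 32-bit word x left by r bits (r taken mod 32)."""
    r %= 32
    return ((x << r) | (x >> (32 - r))) & MASK


def add32(x, y):
    """Addition modulo 2^32."""
    return (x + y) & MASK


def rotation_residue(x, r):
    """Predicted (x <<< r) mod 3: since 2^32 = 1 (mod 3), rotation by
    r bits acts as multiplication by 2^r modulo 3."""
    return (pow(2, r % 32, 3) * x) % 3


def check_rotation(words):
    """True if the prediction holds for every word and rotation amount."""
    return all(rotl32(x, r) % 3 == rotation_residue(x, r)
               for x in words for r in range(32))


def addition_offsets(pairs):
    """Tally (add32(x, y) - x - y) mod 3 over the pairs.
    Index 0: no carry out of bit 31. Index 2: a carry, so 2^32 was
    subtracted, which is -1 mod 3. Index 1 (+1 mod 3) cannot occur."""
    counts = [0, 0, 0]
    for x, y in pairs:
        counts[(add32(x, y) - x - y) % 3] += 1
    return counts


# Constructed inputs: edge cases plus seeded pseudo-random words.
rng = random.Random(1999)
EDGE = [0, 1, 2, 0x7FFFFFFF, 0x80000000, 0xFFFFFFFE, MASK]
WORDS = EDGE + [rng.getrandbits(32) for _ in range(2000)]
PAIRS = [(rng.getrandbits(32), rng.getrandbits(32)) for _ in range(20000)]

if __name__ == "__main__":
    print("rotation prediction holds:", check_rotation(WORDS))
    print("addition offsets mod 3 [0, +1, -1]:", addition_offsets(PAIRS))
```

A uniformly random function would spread the addition offsets evenly over all three residues; the empty middle bucket is the kind of unevenness a mod 3 distinguisher measures.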

References

  • John Kelsey, Bruce Schneier, David Wagner: Mod n Cryptanalysis, with Applications Against RC5P and M6. Fast Software Encryption 1999: pp. 139–155.
  • Vincent Rijmen: "mod n" Cryptanalysis of Rabbit. Whitepaper, Cryptico, December 1, 2003.
  • Toshio Tokita, Tsutomu Matsumoto: On Applicability of Differential Cryptanalysis, Linear Cryptanalysis and Mod n Cryptanalysis to an Encryption Algorithm M8 (ISO9979-20). IPSJ Journal Vol. 42 No. 08.

 
