Abstract
We introduce “mod n cryptanalysis,” a form of partitioning attack that is effective against ciphers which rely on modular addition and bit rotations for their security. We demonstrate this attack with a mod 3 attack against RC5P, an RC5 variant that uses addition instead of xor. We also show mod 5 and mod 257 attacks against some versions of a family of ciphers used in the FireWire standard. We expect mod n cryptanalysis to be applicable to many other ciphers, and that the general attack is extensible to other values of n.
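The arithmetic that lets residues mod n survive rotation and modular addition, as an added illustration that is not code from the paper: for a W-bit word, a left rotation by k multiplies the value by 2^k modulo any n dividing 2^W − 1, and a wrapped addition changes the residue of the true sum only by the carry bit. The 32-bit word size, the function names and the control modulus 7 are assumptions made here; 3, 5 and 257 all divide 2^32 − 1.

```python
import random

W = 32                      # assumed word size
MASK = (1 << W) - 1         # 2^32 - 1 = 3 * 5 * 17 * 257 * 65537

def rotl(x, k):
    """Rotate the W-bit word x left by k bits."""
    k %= W
    return ((x << k) | (x >> (W - k))) & MASK

def rotation_identity_holds(n, samples=200, seed=1):
    """Check rotl(x, k) == 2^k * x (mod n) for random x and every k.

    rotl(x, k) = 2^k * x - hi * (2^W - 1), where hi is the part shifted
    out of the top, so the identity holds exactly when n divides 2^W - 1.
    """
    rng = random.Random(seed)
    for _ in range(samples):
        x = rng.getrandbits(W)
        for k in range(W):
            if rotl(x, k) % n != (pow(2, k, n) * x) % n:
                return False
    return True

def addition_offsets(n, samples=2000, seed=2):
    """Offsets ((x + y) - ((x + y) mod 2^W)) mod n seen over random inputs.

    The wrapped sum is x + y - carry * 2^W, and 2^W == 1 (mod n) when n
    divides 2^W - 1, so the offset is just the carry bit: 0 or 1.
    """
    rng = random.Random(seed)
    seen = set()
    for _ in range(samples):
        x, y = rng.getrandbits(W), rng.getrandbits(W)
        seen.add(((x + y) - ((x + y) & MASK)) % n)
    return seen

if __name__ == "__main__":
    # 7 does not divide 2^32 - 1, so it serves as a control.
    for n in (3, 5, 257, 7):
        print(n, rotation_identity_holds(n), sorted(addition_offsets(n)))
```

Because the residue of a word is carried through rotations exactly and through additions up to one carry bit, a design that mixes only these two operations gives the mod n value of its state a predictable path; xor has no such relation to the residue.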
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kelsey, J., Schneier, B., Wagner, D. (1999). Mod n Cryptanalysis, with Applications against RC5P and M6. In: Knudsen, L. (eds) Fast Software Encryption. FSE 1999. Lecture Notes in Computer Science, vol 1636. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48519-8_11
DOI: https://doi.org/10.1007/3-540-48519-8_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66226-6
Online ISBN: 978-3-540-48519-3
eBook Packages: Springer Book Archive