Sciweavers

CTRSA
2009
Springer

Cryptanalysis of CTC2

14 years 6 months ago
Cryptanalysis of CTC2
CTC is a toy cipher designed in order to assess the strength of algebraic attacks. While the structure of CTC is deliberately weak with respect to algebraic attacks, it was claimed by the designers that CTC is secure with respect to statistical attacks, such as differential and linear cryptanalysis. After a linear attack on CTC was presented, the cipher’s linear transformation was tweaked to offer more diffusion, and specifically to prevent the existence of 1-bit to 1-bit approximations (and differentials) through the linear transformation. The new cipher was named CTC2, and was analyzed by the designers using algebraic techniques. In this paper we analyze the security of CTC2 with respect to differential and differential-linear attacks. The data complexities of our best attacks on 6-round, 7-round, and 8-round variants of CTC2 are 64, 215 , and 237 chosen plaintexts, respectively, and the time complexities are dominated by the time required to encrypt the data. Our findings ...
Orr Dunkelman, Nathan Keller
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where CTRSA
Authors Orr Dunkelman, Nathan Keller
Comments (0)