FSE
2011
Springer

On Cipher-Dependent Related-Key Attacks in the Ideal-Cipher Model

Abstract. Bellare and Kohno introduced a formal framework for the study of related-key attacks against blockciphers. They established sufficient conditions (output-unpredictability and collision-resistance) on the set of related-key-deriving (RKD) functions under which an ideal cipher is secure against related-key attacks, and suggested this could be used to derive security goals for real blockciphers. However, to do so requires the reinterpretation of results proven in the ideal-cipher model for the standard model (in which a blockcipher is modelled as, say, a pseudorandom permutation family). As we show here, this is a fraught activity. In particular, building on a recent idea of Bernstein, we first demonstrate a related-key attack that applies generically to a large class of blockciphers. The attack exploits the existence of a short description of the blockcipher, and so does not apply in the ideal-cipher model. However, the specific RKD functions used in the attack are provably o...
Martin R. Albrecht, Pooya Farshim, Kenny G. Paters
Added 28 Aug 2011
Updated 28 Aug 2011
Type Journal
Year 2011
Where FSE
Authors Martin R. Albrecht, Pooya Farshim, Kenny G. Paterson, Gaven J. Watson