Meet-in-the-middle attacks, where problems and the secrets being sought are decomposed into two pieces, have many applications in cryptanalysis. A well-known such attack on double-DES requires 256 time and memory; a naive key search would take 2112 time. However, when the attacker is limited to a practical amount of memory, the time savings are much less dramatic. For n the cardinality of the space that each half of the secret is chosen from (n=256 for double-DES), and w the number of words of memory available for an attack, a technique based on parallel collision search is described which requires O(√n/w) times fewer operations and O(n/w) times fewer memory accesses than previous approaches to meet-in-the-middle attacks. For the example of double-DES, an attacker with 16 Gbytes of memory could recover a pair of DES keys in a known-plaintext attack with 570 times fewer encryptions and 3.7×106 times fewer memory accesses compared to previous techniques using the same amount of memory.
CITATION STYLE
Van Oorschot, P. C., & Wiener, M. J. (1996). Improving implementable meet-in-the-middle attacks by orders of magnitude. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1109, pp. 229–236). Springer Verlag. https://doi.org/10.1007/3-540-68697-5_18
Mendeley helps you to discover research relevant for your work.