Multiplicative differentials


Abstract

We present a new type of differential that is particularly suited to analyzing ciphers that use modular multiplication as a primitive operation. These differentials are partially inspired by the differential used to break Nimbus, and we generalize that result. We use these differentials to break the MultiSwap cipher that is part of the Microsoft Digital Rights Management subsystem, to derive a complementation property in the xmx cipher using the recommended modulus, and to mount a weak key attack on the xmx cipher for many other moduli. We also present weak key attacks on several variants of IDEA. We conclude that cipher designers may have placed too much faith in multiplication as a mixing operator, and that it should be combined with at least two other incompatible group operations.

Cite

Borisov, N., Chew, M., Johnson, R., & Wagner, D. (2002). Multiplicative differentials. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2365, pp. 17–33). Springer Verlag. https://doi.org/10.1007/3-540-45661-9_2
