Journal ArticleOPEN ACCESS

Slender-set differential cryptanalysis

Journal of Cryptology (2013) 26(1) 11-38
DOI: 10.1007/s00145-011-9111-4
16Citations
Citations of this article
25Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

This paper considers PRESENT-like ciphers with key-dependent S-boxes. We focus on the setting where the same selection of S-boxes is used in every round. One particular variant with 16 rounds, proposed in 2009, is broken in practice in a chosen plaintext/chosen ciphertext scenario. Extrapolating these results suggests that up to 28 rounds of such ciphers can be broken. Furthermore, we outline how our attack strategy can be applied to an extreme case where the S-boxes are chosen uniformly at random for each round, and where the bit permutation is key-dependent as well. © 2011 International Association for Cryptologic Research.

Author supplied keywords

Cite

CITATION STYLE

APA

Borghoff, J., Knudsen, L. R., Leander, G., & Thomsen, S. S. (2013). Slender-set differential cryptanalysis. Journal of Cryptology, 26(1), 11–38. https://doi.org/10.1007/s00145-011-9111-4

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free