Concept

Meet-in-the-middle attack

Related publications (22)

Compact Circuits for Combined AES Encryption/Decryption

The implementation of the AES encryption core by Moradi et al. at Eurocrypt 2011 is one of the smallest in terms of gate area. The circuit takes around 2400 gates and operates on an 8 bit datapath. However this is an encryption only core and unable to cate ...

2019

Cryptanalysis of Plantlet

Subhadeep Banik, Khashayar Barooti

Plantlet is a lightweight stream cipher designed by Mikhalev, Armknecht and Muller in IACR ToSC 2017. It has a Grain-like structure with two state registers of size 40 and 61 bits. In spite of this, the cipher does not seem to lose in security against gene ...

2019

Can Caesar Beat Galois?

Serge Vaudenay, Damian Vizár

The Competition for Authenticated Encryption: Security, Applicability and Robustness (CAESAR) has as its official goal to “identify a portfolio of authenticated ciphers that offer advantages over [the Galois-Counter Mode with AES]” and are suitable for wid ...

2018

Cryptanalysis of Enhanced MORE

Serge Vaudenay, Damian Vizár

Fully homomorphic encryption (FHE) has been among the most popular research topics of the last decade. While the bootstrapping-based, public key cryptosystems that follow Gentry's original design are getting more and more efficient, their performance is st ...

2018

Generic Round-Function-Recovery Attacks for Feistel Networks over Small Domains

Serge Vaudenay, Fatma Betül Durak

Feistel Networks (FN) are now being used massively to encrypt credit card numbers through format-preserving encryption. In our work, we focus on FN with two branches, entirely unknown round functions, modular additions (or other group operations), and when ...

2018

Generic Round-Function-Recovery Attacks for Feistel Networks over Small Domains

Serge Vaudenay, Fatma Betül Durak

ePrint2018

Provably Secure Authenticated Encryption

Damian Vizár

Authenticated Encryption (AE) is a symmetric key cryptographic primitive that ensures confidentiality and authenticity of processed messages at the same time. The research of AE as a primitive in its own right started in 2000. The security goals of AE wer ...

EPFL2018

Breaking The FF3 Format-Preserving Encryption Standard Over Small Domains

Serge Vaudenay, Fatma Betül Durak

The National Institute of Standards and Technology (NIST) recently published a Format-Preserving Encryption standard accepting two Feistel structure based schemes called FF1 and FF3. Particularly, FF3 is a tweakable block cipher based on an 8-round Feistel ...

2017

Breaking the FF3 Format Preserving Encryption

Serge Vaudenay, Fatma Betül Durak

The NIST standard FF3 scheme (also known as BPS scheme) is a tweakable block cipher based on a 8-round Feistel Network. We break it with a practical attack. Our attack exploits the bad domain separation in FF3 design. The attack works with chosen plaintext ...

2017

Clever Arbiters Versus Malicious Adversaries

Serge Vaudenay

When moving from known-input security to chosen-input security, some generic attacks sometimes become possible and must be discarded by a specific set of rules in the threat model. Similarly, common practices consist of fixing security systems, once an exp ...

Springer Berlin Heidelberg2016

Graph Chatbot

Chat with Graph Search

Ask any question about EPFL courses, lectures, exercises, research, news, etc. or try the example questions below.

DISCLAIMER: The Graph Chatbot is not programmed to provide explicit or categorical answers to your questions. Rather, it transforms your questions into API requests that are distributed across the various IT services officially administered by EPFL. Its purpose is solely to collect and recommend relevant references to content that you can explore to help you answer your questions.