Publication

Linear Cryptanalysis of DES

Graph Chatbot

Chat with Graph Search

Ask any question about EPFL courses, lectures, exercises, research, news, etc. or try the example questions below.

DISCLAIMER: The Graph Chatbot is not programmed to provide explicit or categorical answers to your questions. Rather, it transforms your questions into API requests that are distributed across the various IT services officially administered by EPFL. Its purpose is solely to collect and recommend relevant references to content that you can explore to help you answer your questions.

Cryptanalysis of LowMC instances using single plaintext/ciphertext pair

Serge Vaudenay, Subhadeep Banik, Fatma Betül Durak, Khashayar Barooti

Arguably one of the main applications of the LowMC family ciphers is in the post-quantum signature scheme PICNIC. Although LowMC family ciphers have been studied from a cryptanalytic point of view before, none of these studies were directly concerned with ...

RUHR-UNIV BOCHUM, HORST GORTZ INST IT-SICHERHEIT2020

Breaking The FF3 Format-Preserving Encryption Standard Over Small Domains

Serge Vaudenay, Fatma Betül Durak

The National Institute of Standards and Technology (NIST) recently published a Format-Preserving Encryption standard accepting two Feistel structure based schemes called FF1 and FF3. Particularly, FF3 is a tweakable block cipher based on an 8-round Feistel ...

2017

GIFT: A Small Present Towards Reaching the Limit of Lightweight Encryption

Subhadeep Banik

In this article, we revisit the design strategy of PRESENT, leveraging all the advances provided by the research community in construction and cryptanalysis since its publication, to push the design up to its limits. We obtain an improved version, named GI ...

2017

Breaking the FF3 Format Preserving Encryption

Serge Vaudenay, Fatma Betül Durak

The NIST standard FF3 scheme (also known as BPS scheme) is a tweakable block cipher based on a 8-round Feistel Network. We break it with a practical attack. Our attack exploits the bad domain separation in FF3 design. The attack works with chosen plaintext ...

2017

DES S-box generator

Serge Vaudenay, Lauren De Meyer

The Data Encryption Standard (DES) is a cryptographic algorithm, designed by IBM, that was selected to be the national standard in 1977 by the National Bureau of Standards. The algorithm itself was entirely published but the design criteria were kept secre ...

Taylor & Francis Inc2016

Cryptanalysis of a Homomorphic Encryption Scheme

Serge Vaudenay, Sonia Mihaela Bogos, John Gaspoz

Homomorphic encryption allows to make specific operations on private data which stays encrypted. While applications such as cloud computing require to have a practical solution, the encryption scheme must be secure. In this article, we detail and analyze i ...

2016

Algebraic Cryptanalysis of Deterministic Symmetric Encryption

Petr Susil

Deterministic symmetric encryption is widely used in many cryptographic applications. The security of deterministic block and stream ciphers is evaluated using cryptanalysis. Cryptanalysis is divided into two main categories: statistical cryptanalysis and ...

EPFL2015

Improved Linear Cryptanalysis of Reduced-Round MIBS

Serge Vaudenay, Asli Bay, Jialin Huang

MIBS is a 32-round lightweight block cipher with 64-bit block size and two different key sizes, namely 64-bit and 80-bit keys. Bay et al. provided the first impossible differential, differential and linear cryptanalyses of MIBS. Their best attack was a lin ...

Springer2014

Cryptanalysis of the Double-Moduli Cryptosystem

Serge Vaudenay, Sonia Mihaela Bogos

In this article we present a lattice attack done on a NTRU-like scheme introduced by Verkhovsky in [1]. We show how, based on the relation between the public and private key, we can construct an attack which allows any passive adversary to decrypt the encr ...

2012

Synthetic Linear Analysis with Applications to CubeHash and Rabbit

Serge Vaudenay, Willi Meier, Yi Lu

In linear cryptanalysis, it has been considered most important and difficult to analyze the bias and find a large bias. The demonstration of a large bias will usually imply that the target crypto-system is not strong. Regarding the bias analysis, researche ...

2012