Impossible differential cryptanalysis

In cryptography, impossible differential cryptanalysis is a form of differential cryptanalysis for block ciphers. While ordinary differential cryptanalysis tracks differences that propagate through the cipher with greater than expected probability, impossible differential cryptanalysis exploits differences that are impossible (having probability 0) at some intermediate state of the cipher algorithm.

SHACAL-2.^{[citation needed}

]

Biham, Biryukov and Shamir also presented a relatively efficient specialized method for finding impossible differentials that they called a miss-in-the-middle attack. This consists of finding "two events with probability one, whose conditions cannot be met together."[6]

References

^ Lars Knudsen (February 21, 1998). "DEAL - A 128-bit Block Cipher". Technical report no. 151. Department of Informatics, University of Bergen, Norway. Retrieved 2015-05-28. {{cite journal}}: Cite journal requires |journal= (help)
^ Shamir, A. (August 25, 1998) Impossible differential attacks. CRYPTO '98 rump session (video at Google Video—uses Flash)
^ Biryukov, A. (August 25, 1998) Miss-in-the-middle attacks on IDEA. CRYPTO '98 rump session (video at Google Video—uses Flash)
^ Biham, E. (August 25, 1998) Impossible cryptanalysis of Skipjack. CRYPTO '98 rump session (video at Google Video—uses Flash)
^ Bruce Schneier (September 15, 1998). "Impossible Cryptanalysis and Skipjack". Crypto-Gram Newsletter.
Springer-Verlag. pp. 124–138. Archived from the original (gzipped
PostScript) on 2011-05-15. Retrieved 2007-02-14.

Further reading

NIST
. Retrieved 2007-02-27.

E. Biham; A. Biryukov; A. Shamir (May 1999). Cryptanalysis of Skipjack Reduced to 31 Rounds using Impossible Differentials (PDF/PostScript). Advances in Cryptology –
EUROCRYPT '99. Prague
: Springer-Verlag. pp. 12–23. Retrieved 2007-02-13.

Kazumaro Aoki; Masayuki Kanda (1999). "Search for Impossible Differential of E2" (PDF/PostScript). Retrieved 2007-02-27. {{cite journal}}: Cite journal requires |journal= (help)

Eli Biham, Vladimir Furman (April 2000). Impossible Differential on 8-Round MARS' Core (PDF/PostScript). 3rd AES Candidate Conference. pp. 186–194. Retrieved 2007-02-27.

Eli Biham; Vladimir Furman (December 2000). Improved Impossible Differentials on Twofish (PDF/PostScript).
Calcutta
: Springer-Verlag. pp. 80–92. Retrieved 2007-02-27.

Deukjo Hong; Jaechul Sung; Shiho Moriai; Sangjin Lee; Jongin Lim (April 2001). Impossible Differential Cryptanalysis of Zodiac. 8th International Workshop on Fast Software Encryption (FSE 2001). Yokohama: Springer-Verlag. pp. 300–311. Archived from the original (PDF) on 2007-12-13. Retrieved 2006-12-30.

Raphael C.-W. Phan; Mohammad Umar Siddiqi (July 2001). "Generalised Impossible Differentials of Advanced Encryption Standard". doi:10.1049/el:20010619
.

Jung Hee Cheon, MunJu Kim, and Kwangjo Kim (September 2001). Impossible Differential Cryptanalysis of Hierocrypt-3 Reduced to 3 Rounds (PDF). Proceedings of 2nd NESSIE Workshop. Retrieved 2007-02-27.{{cite conference}}: CS1 maint: multiple names: authors list (link
)

Jung Hee Cheon; MunJu Kim; Kwangjo Kim; Jung-Yeun Lee; SungWoo Kang (December 26, 2001). Improved Impossible Differential Cryptanalysis of Rijndael and Crypton. 4th International Conference on Information Security and Cryptology (ICISC 2001).
CiteSeerX 10.1.1.15.9966
.

Dukjae Moon; Kyungdeok Hwang; Wonil Lee; Sangjin Lee; AND Jongin Lim (February 2002). Impossible Differential Cryptanalysis of Reduced Round XTEA and TEA (PDF). 9th International Workshop on Fast Software Encryption (FSE 2002). Leuven: Springer-Verlag. pp. 49–60. Retrieved 2007-02-27.

Raphael C.-W. Phan (May 2002). "Classes of Impossible Differentials of Advanced Encryption Standard". doi:10.1049/el:20020347
.

Raphael C.-W. Phan (October 2003). "Impossible Differential Cryptanalysis of Mini-AES" (PDF). S2CID 2658902. Archived from the original
(PDF) on 2007-09-26. Retrieved 2007-02-27.

Raphael C.-W. Phan (July 2004). "Impossible Differential Cryptanalysis of 7-round AES". Information Processing Letters. 91 (1): 29–32.
doi:10.1016/j.ipl.2004.03.006
. Retrieved 2007-07-19.

Wenling Wu; Wentao Zhang; Dengguo Feng (2006). "Impossible Differential Cryptanalysis of ARIA and Camellia" (PDF). Retrieved 2007-02-27. {{cite journal}}: Cite journal requires |journal= (help)

v
t
e
Block ciphers (security summary)
Common
algorithms

AES

Blowfish

DES (internal mechanics, Triple DES)

Serpent

SM4

Twofish

Less common
algorithms

ARIA

Camellia

CAST-128

GOST

IDEA

LEA

RC5

RC6

SEED

Skipjack

TEA

XTEA

Other
algorithms

3-Way

Adiantum

Akelarre

Anubis

Ascon

BaseKing

BassOmatic

BATON

BEAR and LION

CAST-256

Chiasmus

CIKS-1

CIPHERUNICORN-A

CIPHERUNICORN-E

CLEFIA

CMEA

Cobra

COCONUT98

Crab

Cryptomeria/C2

CRYPTON

CS-Cipher

DEAL

DES-X

DFC

E2

FEAL

FEA-M

FROG

G-DES

Grand Cru

Hasty Pudding cipher

Hierocrypt

ICE

IDEA NXT

Intel Cascade Cipher

Iraqi

Kalyna

KASUMI

KeeLoq

KHAZAD

Khufu and Khafre

KN-Cipher

Kuznyechik

Ladder-DES

LOKI (97, 89/91)

Lucifer

M6

M8

MacGuffin

Madryga

MAGENTA

MARS

Mercy

MESH

MISTY1

MMB

MULTI2

MultiSwap

New Data Seal

NewDES

Nimbus

NOEKEON

NUSH

PRESENT

Prince

Q

RC2

REDOC

Red Pike

S-1

SAFER

SAVILLE

SC2000

SHACAL

SHARK

Simon

Speck

Spectr-H64

Square

SXAL/MBAL

Threefish

Treyfer

UES

xmx

XXTEA

Zodiac

Design

Feistel network

Key schedule

Lai–Massey scheme

Product cipher

S-box

P-box

SPN

Confusion and diffusion

Round

Avalanche effect

Block size

Key size

Key whitening (Whitening transformation)

Attack
(cryptanalysis)

Brute-force (EFF DES cracker)

MITM
Biclique attack

3-subset MITM attack

Linear (Piling-up lemma)

Differential
Impossible

Truncated

Higher-order

Differential-linear

Distinguishing (Known-key)

Integral/Square

Boomerang

Mod n

Related-key

Slide

Rotational

Side-channel
Timing

Power-monitoring

Electromagnetic

Acoustic

Differential-fault

XSL

Interpolation

Partitioning

Rubber-hose

Black-bag

Davies

Rebound

Weak key

Tau

Chi-square

Time/memory/data tradeoff

Standardization

AES process

CRYPTREC

NESSIE

Utilization

Initialization vector

Mode of operation

Padding

v
t
e
Cryptography
General

History of cryptography

Outline of cryptography

Cryptographic protocol
Authentication protocol

Cryptographic primitive

Cryptanalysis

Cryptocurrency

Cryptosystem

Cryptographic nonce

Cryptovirology

Hash function
Cryptographic hash function

Key derivation function

Digital signature

Kleptography

Key (cryptography)

Key exchange

Key generator

Key schedule

Key stretching

Keygen

Cryptojacking malware

Ransomware

Random number generation
Cryptographically secure pseudorandom number generator (CSPRNG)

Pseudorandom noise (PRN)

Secure channel

Insecure channel

Subliminal channel

Encryption

Decryption

End-to-end encryption

Harvest now, decrypt later

Information-theoretic security

Plaintext

Codetext

Ciphertext

Shared secret

Trapdoor function

Trusted timestamping

Key-based routing

Onion routing

Garlic routing

Kademlia

Mix network

Mathematics

Cryptographic hash function

Block cipher

Stream cipher

Symmetric-key algorithm

Authenticated encryption

Public-key cryptography

Quantum key distribution

Quantum cryptography

Post-quantum cryptography

Message authentication code

Random numbers

Steganography

Category

Retrieved from "https://en.wikipedia.org/w/index.php?title=Impossible_differential_cryptanalysis&oldid=1206888743"

[1] Lars Knudsen (February 21, 1998). "DEAL - A 128-bit Block Cipher". Technical report no. 151. Department of Informatics, University of Bergen, Norway. Retrieved 2015-05-28. {{cite journal}}: Cite journal requires |journal= (help)

[2] Shamir, A. (August 25, 1998) Impossible differential attacks. CRYPTO '98 rump session (video at Google Video—uses Flash)

[3] Biryukov, A. (August 25, 1998) Miss-in-the-middle attacks on IDEA. CRYPTO '98 rump session (video at Google Video—uses Flash)

[4] Biham, E. (August 25, 1998) Impossible cryptanalysis of Skipjack. CRYPTO '98 rump session (video at Google Video—uses Flash)

[5] Bruce Schneier (September 15, 1998). "Impossible Cryptanalysis and Skipjack". Crypto-Gram Newsletter.

[6] Springer-Verlag. pp. 124–138. Archived from the original (gzipped
PostScript) on 2011-05-15. Retrieved 2007-02-14.