Differential cryptanalysis of PP-1 cipher
Abstract
In this paper we present a differential attack on the block cipher PP-1 which was designed at Poznan University of Technology. Complexity of the attack is smaller than that of brute force attack for every version of the cipher (for every block length). The attack is possible is spite of the fact that the S-box exhibits optimal security against the differential cryptanalysis. The attack is based on the fact that the design of the cipher S-box and permutation were constructed independently. The permutation operates on individual bits, and in the XOR profile table of S-box 1 bit to 1 bit transitions are possible. It allows constructing a simple one-round differential characteristic which is almost iterative with the probability 1.5 · 2-6. By 9 times concatenation of the characteristic and its relaxation in the last round we obtained a 10-round characteristic with the probability 2-48.7. Using this characteristic with 1R attack makes differential cryptanalysis of full 11-round cipher with complexity smaller than exhaustive search possible. By carefully exploiting similar characteristics it is possible to find analogous attacks on different versions of cipher PP-1, with higher a larger of rounds.
Full Text:
PDFDOI: http://dx.doi.org/10.2478/v10065-011-0006-7
Date of publication: 2011-01-01 00:00:00
Date of submission: 2016-04-28 09:03:44
Statistics
Total abstract view - 596
Downloads (from 2020-06-17) - PDF - 0
Indicators
Refbacks
- There are currently no refbacks.
Copyright (c) 2015 Annales UMCS Sectio AI Informatica
This work is licensed under a Creative Commons Attribution 4.0 International License.