Integral cryptanalysis: Difference between revisions
imported>Sandy Harris No edit summary |
John Leach (talk | contribs) m (Text replacement - "{{subpages}}" to "{{PropDel}}<br><br>{{subpages}}") |
||
(5 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
'''Integral cryptanalysis''' is a method of [[cryptanalysis]] invented by [[Lars Knudsen]]. It is an extension of [[differential cryptanalysis]]. Differential analysis looks at pairs of inputs that differ in only one bit position, with all other bits identical. Integral analysis, for block size b, holds b-k bits constant and runs the other k through all 2<sup>k</sup> possibilities. For k=1, this is just differential cryptanalysis, but with k>1 | {{PropDel}}<br><br>{{subpages}} | ||
'''Integral cryptanalysis''' is a method of [[cryptanalysis]] invented by [[Lars Knudsen]]. It is an extension of [[differential cryptanalysis]]. Differential analysis looks at pairs of inputs that differ in only one bit position, with all other bits identical. Integral analysis, for block size b, holds b-k bits constant and runs the other k through all 2<sup>k</sup> possibilities. For k=1, this is just differential cryptanalysis, but with k>1 it is a new technique. | |||
The method is also known as the '''Square attack''' because it was first applied to [[Square (cipher)|square]], a [[block cipher]] designed by [[Joan Daemen]] and [[Vincent Rijmen]] who later designed [[AES]]. In fact, the cipher and the attack were published | The method is also known as the '''Square attack''' because it was first applied to [[Square (cipher)|square]], a [[block cipher]] designed by [[Joan Daemen]] and [[Vincent Rijmen]] who later designed [[AES]]. In fact, the cipher and the attack were published together; the developers had given Knudsen a preprint of their paper. Against a [[Block cipher#SP networks|substitution-permutation network]] such as Square, k is often chosen to be the size of a single [[Block cipher#S-boxes|S-box]]. The attack has since been applied to a number of other ciphers, not all SP networks. |
Latest revision as of 04:48, 8 April 2024
This article may be deleted soon. | ||
---|---|---|
Integral cryptanalysis is a method of cryptanalysis invented by Lars Knudsen. It is an extension of differential cryptanalysis. Differential analysis looks at pairs of inputs that differ in only one bit position, with all other bits identical. Integral analysis, for block size b, holds b-k bits constant and runs the other k through all 2k possibilities. For k=1, this is just differential cryptanalysis, but with k>1 it is a new technique. The method is also known as the Square attack because it was first applied to square, a block cipher designed by Joan Daemen and Vincent Rijmen who later designed AES. In fact, the cipher and the attack were published together; the developers had given Knudsen a preprint of their paper. Against a substitution-permutation network such as Square, k is often chosen to be the size of a single S-box. The attack has since been applied to a number of other ciphers, not all SP networks. |