• Title/Summary/Keyword: Distinguishing attack


Known-Key Attacks on 4-Branch GFN-2 Structures with SP F-Functions (SP F-함수를 갖는 4-브랜치 GFN-2 구조에 대한 기지키 공격)

  • Hong, Deukjo
    • Journal of the Korea Institute of Information Security & Cryptology, v.30 no.5, pp.795-803, 2020
  • In this paper, we study known-key distinguishing and partial-collision attacks on GFN-2 structures with SP F-functions and various block lengths. Firstly, we show the known-key distinguishing attack is possible up to 15 rounds. Secondly, for the case that the last round function has the shuffle operation, we show that the partial-collision attack is possible up to 14 rounds. Finally, for the case that the last round function has no shuffle operation, we show that the partial-collision attacks are possible up to 11 rounds.

Improved Conditional Differential Attacks on Round-Reduced Grain v1

  • Li, Jun-Zhi; Guan, Jie
    • KSII Transactions on Internet and Information Systems (TIIS), v.12 no.9, pp.4548-4559, 2018
  • The conditional differential attack against NFSR-based cryptosystems proposed by Knellwolf et al. at Asiacrypt 2010 has been widely used for analyzing round-reduced Grain v1. In this paper, we present improved conditional differential attacks on Grain v1 based on a factorization simplification method, which makes it possible to obtain the expressions of internal states in more rounds and to analyze the expressions more precisely. Following a condition-imposing strategy that saves more IV bits, Sarkar's distinguishing attack on Grain v1 of 106 rounds is improved to a key recovery attack. Moreover, we show a new distinguishing attack and a key recovery attack on Grain v1 of 107 rounds with lower complexity O($2^{34}$) and an appreciable theoretical success probability of 93.7%. Most importantly, our attacks can practically recover key expressions with higher success probability than the theoretical results.

Related Key Differential Attacks on 32-Round GOST (연관키 차분 특성을 이용한 32-라운드 GOST 공격)

  • 이태건; 고영대; 홍석희; 이상진
    • Journal of the Korea Institute of Information Security & Cryptology, v.14 no.3, pp.75-84, 2004
  • In this paper, we present a related key differential attack on full-round GOST. Firstly, we present a distinguishing attack on full rounds of GOST, which can distinguish it from a random oracle with probability $1-2^{-64}$ using a related key differential characteristic. We also show that H. Seki et al.'s idea can be applied to attack 31 rounds of GOST in combination with our related key differential characteristic. Lastly, we propose a related key differential attack on full rounds of GOST. In this attack we can recover 12 bits of the master key with $2^{35}$ chosen plaintexts and $2^{36}$ encryptions, with a 91.7% expected success rate.

Deep Learning Assisted Differential Cryptanalysis for the Lightweight Cipher SIMON

  • Tian, Wenqiang; Hu, Bin
    • KSII Transactions on Internet and Information Systems (TIIS), v.15 no.2, pp.600-616, 2021
  • SIMON and SPECK are two families of lightweight block ciphers that have excellent performance on hardware and software platforms. At CRYPTO 2019, Gohr first introduced deep-learning-based differential cryptanalysis on round-reduced SPECK32/64, reducing the remaining security of 11-round SPECK32/64 to roughly 38 bits. In this paper, we evaluate the security of the SIMON cipher under neural differential cryptanalysis. We first prove theoretically that SIMON is a non-Markov cipher, which means that results based on conventional differential cryptanalysis may be inaccurate. Then we train a residual neural network to obtain 7-, 8-, and 9-round neural distinguishers for SIMON32/64. To demonstrate the effectiveness of our distinguishers, we perform a distinguishing attack and a key-recovery attack against 15-round SIMON32/64. The results show that real ciphertexts can be distinguished from random ciphertexts with probability close to 1 using only $2^{8.7}$ chosen-plaintext pairs. For the key-recovery attack, the correct key was recovered with a success rate of 23%, and the data complexity and computation complexity are as low as $2^{8}$ and $2^{20.1}$ respectively. All the results are better than the existing literature. Furthermore, we briefly discuss the effect of different residual network structures on the training results of neural distinguishers. It is hoped that our findings will provide some reference for future research.

Improved Differential Attack of Seven-Round SEED (7-라운드 SEED에 대한 향상된 차분 공격)

  • Sung, Jae-Chul
    • Journal of the Korea Institute of Information Security & Cryptology, v.20 no.4, pp.25-30, 2010
  • The block cipher SEED, developed by KISA, is not only the Korean national standard algorithm of TTA but also one of the standard 128-bit block ciphers of ISO/IEC. Since SEED was developed, many analyses have been attempted, but there was no distinguishing cryptanalysis except the 7-round differential attack in 2002. That attack used a 6-round differential characteristic with probability $2^{-124}$ and analyzed 7-round SEED with $2^{127}$ chosen plaintexts. In this paper, we propose a new 6-round differential characteristic with probability $2^{-110}$ and analyze 7-round SEED with $2^{113}$ chosen plaintexts.

New Distinguishing Attacks on Sparkle384 Reduced to 6 Rounds and Sparkle512 Reduced to 7 Rounds (6 라운드로 축소된 Sparkle384와 7 라운드로 축소된 Sparkle512에 대한 새로운 구별 공격)

  • Deukjo Hong; Donghoon Chang
    • Journal of the Korea Institute of Information Security & Cryptology, v.33 no.6, pp.869-879, 2023
  • Sparkle is one of the finalists in the Lightweight Cryptography Standardization Process conducted by NIST. It is a nonlinear permutation and serves as a core component of the authenticated encryption algorithm Schwaemm and the hash function Esch. In this paper, we provide specific forms of input and output differences for 6 rounds of Sparkle384 and 7 rounds of Sparkle512, and derive formulas for the complexity of finding input pairs that satisfy these differentials. Because this complexity is significantly lower than that of the same task for random permutations with the same input and output sizes, they constitute valid distinguishing attacks. The numbers of attacked rounds (6 and 7) are very close to the minimum numbers of rounds actually used (7 and 8).

A Practical Implementation of Fuzzy Fingerprint Vault

  • Lee, Sun-Gju; Chung, Yong-Wha; Moon, Dae-Sung; Pan, Sung-Bum; Seo, Chang-Ho
    • KSII Transactions on Internet and Information Systems (TIIS), v.5 no.10, pp.1783-1798, 2011
  • Recently, a cryptographic construct called the fuzzy vault has been proposed for crypto-biometric systems, and some implementations for fingerprints have been reported that protect the stored fingerprint template by hiding the fingerprint features. In this paper, we implement the fuzzy fingerprint vault, combining fingerprint verification and the fuzzy vault scheme to protect fingerprint templates. To implement the fuzzy fingerprint vault as a complete system, we have to consider several practical issues such as automatic fingerprint alignment, verification accuracy, execution time, error correcting codes, etc. In addition, to protect the fuzzy fingerprint vault from the correlation attack, we propose an approach that inserts chaff points in a structured way, such that distinguishing the fingerprint minutiae from the chaff points obtained from two applications is computationally hard. Based on the experimental results, we confirm that the proposed approach provides higher security than inserting chaff points randomly, without a significant degradation of the verification accuracy, and that our implementation can be used for real applications.

A Study about Flow Characteristics on Delta-wing by PIV (PIV에 의한 델타형 날개에서의 유동특성에 관한 연구)

  • Lee, Hyun; Kim, Beom-Seok; Sohn, Myoung-Hwan; Lee, Young-Ho
    • Proceedings of the KSME Conference, 2003.04a, pp.2151-2156, 2003
  • The distinguishing features of flows at high angles of attack are caused by the generation of free shear layers at sharp leading edges, by separation of the viscous layers from the surfaces of wings and bodies, and by the flow in the wakes of the wings and bodies. In this study, a systematic PIV experimental approach within a circulating water channel was adopted to study the fundamental characteristics of induced vortex generation, development and breakdown on a delta wing model with or without LEX, in terms of four angles of attack ($15^{\circ}$, $20^{\circ}$, $25^{\circ}$, $30^{\circ}$) and six measuring sections (30%, 40%, 50%, 60%, 70%, 80%) of chord length. Distributions of time-averaged velocity vectors and vorticities over the delta wing model were compared along the chord length direction. The highly swept leading edge extension (LEX) applied to delta wings has greatly improved the subsonic maneuverability of contemporary fighters. A high-speed CCD camera that made it possible to acquire serial images provided detailed information about the flow characteristics occurring on the delta wing. In particular, a quantitative comparison of the maximum vorticity featuring the induced pressure distribution was also conducted to clarify the significance of the LEX existence.


High-Resolution Magnetic Resonance Imaging of Carotid Atherosclerotic Plaque (경동맥 죽상경화반의 고해상도 자기공명영상)

  • Byun, Woo-Mok; Cho, Jae-Ho
    • Journal of Yeungnam Medical Science, v.21 no.2, pp.143-150, 2004
  • A thromboembolic stroke is believed to be precipitated by the rupture of vulnerable atheromatous plaques. Until recently, the assessment of further stroke risk in high-risk patients, in whom atherosclerosis has presented with a transient ischaemic attack (TIA), has been confined to a quantitative assessment of the luminal patency of the internal carotid artery. These traditional stratification parameters are no longer believed to be the most accurate predictors of a thromboembolism. This is because the process of vessel wall remodeling can maintain luminal patency, and consequently quite large friable plaques may remain unidentified. Accordingly, there is a need for an improved risk assessment. The fibrous cap of a vulnerable plaque is thinner, and intraplaque hemorrhage and inflammation can occur during the development of atherosclerotic plaque. Several imaging methods for identifying vulnerable plaques have been developed. Recently, high resolution magnetic resonance (MR) imaging has emerged as an accurate non-invasive tool that can characterize the carotid plaque components in vivo. High resolution carotid MR imaging is capable of distinguishing an intact, thick fibrous cap from a thin or ruptured cap in carotid plaque. In addition, plaque MR can identify active inflammation and detect hemorrhage. High resolution carotid MR imaging is a valuable noninvasive method for quantifying the plaque components and identifying vulnerable plaque.


Spontaneous Vertigo (자발현훈)

  • Choi, Kwang-Dong; Kim, Ji Soo
    • Annals of Clinical Neurophysiology, v.9 no.1, pp.1-4, 2007
  • Vertigo is an illusion of rotation, which results from an imbalance within the vestibular system. This review focuses on two common presentations of spontaneous vertigo: acute prolonged spontaneous vertigo and recurrent spontaneous vertigo. Common causes of acute prolonged spontaneous vertigo include vestibular neuritis, labyrinthitis, and brainstem or cerebellar stroke. The history and detailed neurological/neurotological examinations usually provide the key information for distinguishing between peripheral and central causes of vertigo. Brain MRI is indicated in any patient with acute vertigo accompanied by abnormal neurological signs, profound imbalance, severe headache, or central patterns of nystagmus. Recurrent spontaneous vertigo occurs when there is a sudden, temporary, and largely reversible impairment of the resting neural activity of one labyrinth or its central connections, with subsequent recovery to normal or near-normal function. Meniere's disease, migrainous vertigo, and vertebrobasilar insufficiency (VBI) are common causes. The duration of the vertigo attack is a key piece of information in recurrent spontaneous vertigo. Vertigo of vascular origin, such as VBI, typically lasts for several minutes, whereas recurrent vertigo due to peripheral inner-ear abnormalities lasts for hours. Screening neurotological evaluations and blood tests for autoimmune disease and otosyphilis are useful in the assessment of recurrent spontaneous vertigo that is likely to be peripheral in origin.
