World Library  
Flag as Inappropriate
Email this Article

Known-key distinguishing attack

Article Id: WHEBN0048235152
Reproduction Date:

Title: Known-key distinguishing attack  
Author: World Heritage Encyclopedia
Language: English
Subject: Advanced Encryption Standard, WikiProject Cryptography, Attack model, Cryptographic attacks, Cobra ciphers
Collection: Cryptographic Attacks
Publisher: World Heritage Encyclopedia

Known-key distinguishing attack

In cryptography, a known-key distinguishing attack is an attack model against symmetric ciphers, whereby an attacker who knows the key can find a structural property in cipher, where the transformation from plaintext to ciphertext is not random. There is no common formal definition for what such a transformation may be. The chosen-key distinguishing attack is strongly related, where the attacker can choose a key to introduce such transformations.[1]

These attacks do not directly compromise the confidentiality of ciphers, because in a classical scenario, the key is unknown to the attacker. Known-/chosen-key distinguishing attacks apply in the "open key model" instead.[1] They are known to be applicable in some situations where block ciphers are converted to hash functions, leading to practical collision attacks against the hash.[2]

Known-key distinguishing attacks were first introduced in 2007 by Lars Knudsen and Vincent Rijmen[1] in a paper that proposed such an attack against 7 out of 10 rounds of the AES cipher and another attack against a generalized Feistel cipher. Their attack finds plaintext/ciphertext pairs for a cipher with a known key, where the input and output have s least significant bits set to zero, in less than 2s time (where s is fewer than half the block size).[3]

These attacks have also been applied to reduced-round Threefish (Skein)[4][5] and Phelix.[6]

See also


  1. ^ a b c Elena Andreeva, Andrey Bogdanov, Bart Mennink (8 July 2014). Towards Understanding the Known-Key Security of Block Ciphers.  
  2. ^ Yu Sasaki, Kan Yasuda (2011). Known-Key Distinguishers on 11-Round Feistel and Collision Attacks on Its Hashing Modes (PDF).  
  3. ^  
  4. ^  
  5. ^ Dmitry Khovratovich, Ivica Nikolic, Christian Rechberger (20 October 2010). "Rotational Rebound Attacks on Reduced Skein". 
  6. ^ Yaser Esmaeili Salehani, Hadi Ahmadi (2006). "A Chosen-key Distinguishing Attack on Phelix". 

Further reading

  • Yu Sasaki, Kan Yasuda. "Formalizing Known-Key “Distinguishers” - New Attacks on Feistel Ciphers" (PDF). Slides from  

This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.

Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.