[[Image:Attaque boomerang.png|thumbnail|right|320px|Boomerang attack]]
In [[cryptography]], the '''boomerang attack''' is a method for the [[cryptanalysis]] of [[block cipher]]s based on [[differential cryptanalysis]]. The attack was published in 1999 by [[David A. Wagner|David Wagner]], who used it to break the [[COCONUT98]] cipher.

The boomerang attack has allowed new avenues of attack for many ciphers previously deemed safe from differential cryptanalysis.

Refinements on the boomerang attack have been published: the '''amplified boomerang attack''', then the '''rectangle attack'''.

==The attack==
The boomerang attack is based on [[differential cryptanalysis]]. In differential cryptanalysis, an attacker exploits how differences in the input to a cipher (the plaintext) can affect the resultant difference at the output (the ciphertext). A high-probability "differential" (that is, an input difference that will produce a likely output difference) is needed that covers all, or nearly all, of the cipher. The boomerang attack allows differentials to be used which cover only part of the cipher.

The attack attempts to generate a so-called "quartet" structure at a point halfway through the cipher. For this purpose, say that the encryption action, ''E'', of the cipher can be split into two consecutive stages, ''E''<sub>0</sub> and ''E''<sub>1</sub>, so that ''E''(''M'') = ''E''<sub>1</sub>(''E''<sub>0</sub>(''M'')), where ''M'' is some plaintext message. Suppose we have two differentials for the two stages; say,
:<math>\Delta\to\Delta^*</math>
for ''E''<sub>0</sub>, and
:<math>\nabla\to\nabla^*</math> for ''E''<sub>1</sub><sup>-1</sup> (the decryption action of ''E''<sub>1</sub>).

The basic attack proceeds as follows:
* Choose a random plaintext <math>P</math> and calculate <math>P' = P \oplus \Delta</math>.
* Request the encryptions of <math>P</math> and <math>P'</math> to obtain <math>C = E(P)</math> and <math>C' = E(P')</math>.
* Calculate <math>D = C \oplus \nabla</math> and <math>D' = C' \oplus \nabla</math>.
* Request the decryptions of <math>D</math> and <math>D'</math> to obtain <math>Q = E^{-1}(D)</math> and <math>Q' = E^{-1}(D')</math>.
* Compare <math>Q</math> and <math>Q'</math>; when the differentials hold, <math>Q \oplus Q' = \Delta</math>.
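
The five steps above, run against encryption and decryption oracles and compared with a random permutation; this is an added example, not part of the original article. The 3-round Feistel toy cipher with random round tables, the function names, and the differences Δ = (a, 0), ∇ = (0, a) with a = 0x5A are all constructed for illustration. For this toy cipher the quartet closes for every plaintext, even though no single forward differential over the whole cipher is likely.

```python
import random
from collections import Counter

HALF, BLOCK, MASK = 8, 16, 0xFF        # toy sizes, constructed for this example
DELTA, NABLA = 0x5A << HALF, 0x5A      # Delta = (a, 0), nabla = (0, a), a = 0x5A

def make_feistel(seed, rounds=3):
    """Toy Feistel cipher (hypothetical); round functions are random tables."""
    rng = random.Random(seed)
    tables = [[rng.randrange(MASK + 1) for _ in range(MASK + 1)] for _ in range(rounds)]
    def enc(x):
        l, r = x >> HALF, x & MASK
        for f in tables:
            l, r = r, l ^ f[r]
        return (l << HALF) | r
    def dec(y):
        l, r = y >> HALF, y & MASK
        for f in reversed(tables):
            l, r = r ^ f[l], l
        return (l << HALF) | r
    return enc, dec

def make_random_permutation(seed):
    """Baseline oracles: a shuffled 16-bit permutation and its inverse."""
    perm = list(range(1 << BLOCK))
    random.Random(seed).shuffle(perm)
    inv = {y: x for x, y in enumerate(perm)}
    return perm.__getitem__, inv.__getitem__

def boomerang_hits(enc, dec, delta, nabla, trials, seed=1):
    """Run the five steps `trials` times; count quartets with Q ^ Q' == delta."""
    rng, hits = random.Random(seed), 0
    for _ in range(trials):
        p = rng.randrange(1 << BLOCK)
        c, c2 = enc(p), enc(p ^ delta)            # C = E(P), C' = E(P')
        q, q2 = dec(c ^ nabla), dec(c2 ^ nabla)   # Q = E^-1(D), Q' = E^-1(D')
        hits += (q ^ q2) == delta
    return hits

def forward_best(enc, delta, trials, seed=1):
    """Share of trials landing on the most common ciphertext difference."""
    rng = random.Random(seed)
    seen = Counter(enc(p) ^ enc(p ^ delta)
                   for p in (rng.randrange(1 << BLOCK) for _ in range(trials)))
    return seen.most_common(1)[0][1] / trials

if __name__ == "__main__":
    for make in (make_feistel, make_random_permutation):
        enc, dec = make(7)
        print(make.__name__, boomerang_hits(enc, dec, DELTA, NABLA, 2000))
```

On a random permutation the same quartet test succeeds about once in 2<sup>16</sup> trials, which is what makes the return of Δ usable as a distinguisher.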

==Application to specific ciphers==
One attack on [[KASUMI (block cipher)|KASUMI]], a block cipher used in [[3GPP]], is a related-key rectangle attack which breaks the full eight rounds of the cipher faster than exhaustive search (Biham et al., 2005). The attack requires 2<sup>54.6</sup> chosen plaintexts, each of which has been encrypted under one of four related keys, and has a time complexity equivalent to 2<sup>76.1</sup> KASUMI encryptions.

==References==
* {{cite conference
 | author = [[David A. Wagner|David Wagner]]
 | title = The Boomerang Attack
 | booktitle = 6th International Workshop on [[Fast Software Encryption]] (FSE '99)
 | pages = 156–170
 | publisher = [[Springer-Verlag]]
 | date = March 1999
 | location = [[Rome]]
 | url = http://www.cs.berkeley.edu/~daw/papers/boomerang-fse99.ps
 | format = [[PDF]]/[[PostScript]]
 | accessdate = 2007-02-05 }} [http://www.cs.berkeley.edu/~daw/papers/boomerang-fse99-slides.ps (Slides in PostScript)]
* {{cite conference
 | author = [[John Kelsey (cryptanalyst)|John Kelsey]], Tadayoshi Kohno, and [[Bruce Schneier]]
 | title = Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent
 | booktitle = FSE 2000
 | pages = 75–93
 | publisher = Springer-Verlag
 | date = April 2000
 | location = [[New York City]]
 | url = http://www.schneier.com/paper-boomerang.html
 | format = PDF/PostScript
 | accessdate = 2007-02-06 }}
* {{cite conference
 | author = [[Eli Biham]], [[Orr Dunkelman]], and Nathan Keller
 | title = The Rectangle Attack – Rectangling the Serpent
 | booktitle = Advances in Cryptology, Proceedings of [[EUROCRYPT]] 2001
 | pages = 340–357
 | publisher = Springer-Verlag
 | date = May 2001
 | location = [[Innsbruck]]
 | url = http://citeseer.ist.psu.edu/biham01rectangle.html
 | format = PDF/PostScript
 | accessdate = 2007-07-06 }}
* {{cite conference
 | author = Biham, Dunkelman, Keller
 | title = New Results on Boomerang and Rectangle Attacks
 | booktitle = FSE '02
 | pages = 1–16
 | publisher = Springer-Verlag
 | date = February 2002
 | location = [[Leuven]]
 | url = http://citeseer.ist.psu.edu/504429.html
 | format = PDF/PostScript
 | accessdate = 2007-07-06 }}
* {{cite conference
 | author = Jongsung Kim, Dukjae Moon, Wonil Lee, Seokhie Hong, Sangjin Lee, Seokwon Jung
 | title = Amplified Boomerang Attack against Reduced-Round SHACAL
 | booktitle = [[ASIACRYPT]] 2002
 | pages = 243–253
 | publisher = Springer-Verlag
 | date = December 2002
 | location = [[Queenstown, New Zealand]] }}
* {{cite conference
 | author = Biham, Dunkelman, Keller
 | title = Rectangle Attacks on 49-Round SHACAL-1
 | booktitle = FSE '03
 | pages = 22–35
 | publisher = [[Springer-Verlag]]
 | date = February 2003
 | location = [[Lund]]
 | url = http://vipe.technion.ac.il/~orrd/crypt/shacal.pdf
 | format = PDF
 | accessdate = 2007-07-02 }}
* {{cite conference
 | author = [[Alex Biryukov]]
 | title = The Boomerang Attack on 5 and 6-Round Reduced AES
 | booktitle = [[Advanced Encryption Standard]] — AES, 4th International Conference, AES 2004
 | pages = 11–15
 | publisher = Springer-Verlag
 | date = May 2004
 | location = [[Bonn]]
 | url = http://www.cosic.esat.kuleuven.be/publications/article-206.pdf
 | format = PDF
 | accessdate = 2007-07-06 }}
* {{cite conference
 | author = Jongsung Kim, Guil Kim, Seokhie Hong, Sangjin Lee, Dowon Hong
 | title = The Related-Key Rectangle Attack — Application to SHACAL-1
 | booktitle = 9th Australasian Conference on Information Security and Privacy (ACISP 2004)
 | pages = 123–136
 | publisher = Springer-Verlag
 | date = July 2004
 | location = [[Sydney]] }}
* {{cite conference
 | author = Seokhie Hong, Jongsung Kim, Sangjin Lee and [[Bart Preneel]]
 | title = Related-Key Rectangle Attacks on Reduced Versions of SHACAL-1 and AES-192
 | booktitle = FSE '05
 | pages = 368–383
 | publisher = Springer-Verlag
 | date = February 2005
 | location = [[Paris]] }}
* {{cite conference
 | author = Biham, Dunkelman, Keller
 | title = Related-Key Boomerang and Rectangle Attacks
 | booktitle = EUROCRYPT 2005
 | pages = 507–525
 | publisher = Springer-Verlag
 | date = May 2005
 | location = [[Aarhus]]
 | url = http://vipe.technion.ac.il/~orrd/crypt/relatedkey-rectangle.ps
 | format = PostScript
 | accessdate = 2007-02-16 }}
* {{cite conference
 | author = Biham, Dunkelman, Keller
 | title = A Related-Key Rectangle Attack on the Full KASUMI
 | booktitle = ASIACRYPT 2005
 | pages = 443–461
 | publisher = Springer-Verlag
 | date = December 2005
 | location = [[Chennai]]
 | url = http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-info.cgi/2005/CS/CS-2005-14
 | format = PDF/PostScript
 | accessdate = 2007-07-06 }}

==External links==
* [http://www.quadibloc.com/crypto/co4512.htm Boomerang attack] — explained by John Savard
* [http://www.ma.huji.ac.il/~nkeller Nathan Keller's homepage]