Critique of the related-key attack concept

Authors: David G Harris

Institution: United States Department of Defense, Washington, DC, USA

Abstract: In a related-key attack, an attacker seeks to discover the secret key by requesting encryptions under keys related to the secret key in a manner chosen by the attacker. We describe a new related-key attack against generic ciphers, requiring just O(1) work to distinguish a cipher from random, and O(key length) to completely recover the secret key. This attack applies within a model which was not previously known to be vulnerable, undermining the theoretical foundation of the related-key attack concept. We propose a new definition of related-key security, which prevents all known generic attacks including this new attack. We discuss the theoretical consequences of this new definition.

This document has been indexed by SpringerLink and other databases.