lect1  Lecture 10

"Is DES a group?  Meet in the Middle Attack. Differential Cryptanalysis."



[tentative]
1. Is DES a group? What is the size of the subgroup generated by DES?
2. Slide attacks and  related-key attacks on block-ciphers.
3. Shannon's mixing transformation, DESX and Even-Mansour constructions
   [easy way to increase the key size in a cipher, also called whitening]
   [Kilian-Rogaway's proof of a lower bound for DESX in a black-box model]
6. Differential and Linear Attacks on DES and other ciphers. Secret design principles of DES.

Reading for the lecture
 
 

0. FIPS PUB: The Data Encryption Standard.

1. Don Coppersmith, "The Data Encryption Standard and its Strength Against Attacks".
IBM TR. [not on-online].

2. R.Sedgewick, T.G.Szymanski, A.C.Yao, "The complexity of finding cycles in periodic functions",
SIAM J.of Comp., 11 (1982), 376-390.

3. B.Kaliski, R.Rivest, A.Sherman, "Is the DES a Group? (results of cycling experiments on DES)",
J.of Cryptology, 1, 1988, 3-36.

4. Eli Biham, Adi Shamir, "Differential Cryptanalysis of the Full 16-Round DES (.ps)",
   CS 708, December 1991,   Proceedings of Crypto'92, LNCS 740