Strength Evaluation Tools for Common-key Block Ciphers against Linear / Differential / Higher Order Differential / Interpolation / Linear Sum Attack

• Project/Area Number: 14550377
• Research Category: Grant-in-Aid for Scientific Research (C)
• Allocation Type: Single-year Grants
• Section: 一般
• Research Field: 情報通信工学
• Research Institution: Tokyo University of Science
• Principal Investigator: KANEKO Toshinobu Tokyo University of Science, Department of Electrical Engineering, Professor, 理工学部, 教授 (20103038)
• Co-Investigator(Kenkyū-buntansha): 金子 敏信 東京理科大学, 理工学部, 教授 (20103038) ; 田中 秀磨 独立行政法人通信総合研究所, 研究員 (30328570)
• Project Period (FY): 2002 – 2003
• Project Status: Completed (Fiscal Year 2003)
• Budget Amount: ¥3,600,000 (Direct Cost: ¥3,600,000); Fiscal Year 2003: ¥1,400,000 (Direct Cost: ¥1,400,000); Fiscal Year 2002: ¥2,200,000 (Direct Cost: ¥2,200,000)
• Keywords: Common Key Cryptography / Cryptanalysis / Differential Attack / Linear Attack / Higher Order Differential Attack / Interpolation Attack / Linear Sum Interpolation / MISTY / 共通鍵ブロック暗号 / 線形確率 / 差分確率 / 強度評価 / Camellia / KASUMI / ブロック暗号

Research Abstract

Differential attack, Linear attack Higher order differential attack, Interpolation attack and Linear sum interpolation attack are typical attacks for common-key block ciphers. The strength of a block cipher is measured by its differential probability, linear probability, algebraic degrees, and {number of terms and degree} of interpolation polynomial.
In this research, we have developed a block cipher strength evaluation tool which gives the following measure for S-boxes, whose input bit size is less than 16, as C++ functions.
・Differential attack maximal differential probability, best input/output differential and differential probability distribution
・Linear attack : maximal linear probability, best input/output linear mask and linear probability distribution for S-boxes
・Higher order differential attack/Interpolation attack/Linear sum attack : Boolean expression, Interpolation polynomials on GF(2^m) with any modulus polynomial, and characteristics of interpolation polynomials.
These functions are open to public in our home page as free software libraries. Using the tool we also have published papers which discuss the strength / new attack method for MISTY1, KASUMI, Camellia, IDEA, RISM etc.

Research Products

• [Journal Article] RISMの高階差分特性 (2004)
  • Author(s): 殿村裕司, 秦野康夫, 金子敏信
  • Journal Title: 暗号と情報セキュリティシンポジウムSCIS2004 Pages: 1233-1238
  • Description: 「研究成果報告書概要(和文)」より
• [Journal Article] A Characteristic of Higher Order Differential of RISM (2004)
  • Author(s): Y.Tonomura, Y.Hatano, T.Kaneko
  • Journal Title: Proceedings of SCIS 2004 Pages: 1233-1238
  • Description: 「研究成果報告書概要(欧文)」より
• [Journal Article] 共通鍵ブロック暗号のための強度評価ライブラリ (2003)
  • Author(s): 倉松雅章, 秦野康夫, 金子敏信
  • Journal Title: 情報理論とその応用シンポジウム(SITA2003) 26 Pages: 41-44
  • NAID: 10013956906
  • Description: 「研究成果報告書概要(和文)」より
• [Journal Article] An optimized Algebraic Method for Higher Order Differential Attack (2003)
  • Author(s): Y.Hatano, H.Tanaka, T.Kaneko
  • Journal Title: Lecture Notes in Computer Science 2643 Pages: 61-70
  • Description: 「研究成果報告書概要(和文)」より
• [Journal Article] A Study on Higher Order Differential Attack of Camellia (2003)
  • Author(s): T.Kawabata, M.Takeda, T.Kaneko
  • Journal Title: ICICE Trans. on Fundamentals of Electronics, Communications and Computer Science E86-A・No.1 Pages: 31-36
  • NAID: 110003212477
  • Description: 「研究成果報告書概要(和文)」より
• [Journal Article] A Study on Higher Order Differential Attack of Camellia(III) (2003)
  • Author(s): M.Takeda, T.Kaneko
  • Journal Title: APSITT 2003 Proceedings 5 Pages: 209-214
  • Description: 「研究成果報告書概要(和文)」より
• [Journal Article] A Strength Evaluation Library for Symmetric Block Ciphers (2003)
  • Author(s): M.Kuramatu, Y.Hatano, T.Kaneko
  • Journal Title: Proceedings of SITA2003 Pages: 41-44
  • NAID: 10013956906
  • Description: 「研究成果報告書概要(欧文)」より
• [Journal Article] A Study on Higher Order Differential Attack of Camellia (2003)
  • Author(s): T.Kawabata, M.Takeda, T.Kaneko
  • Journal Title: IEICE Trans.on Fundamentals of Electronics, Communications and Computer Science E86-A, No.1 Pages: 31-36
  • NAID: 110003212477
  • Description: 「研究成果報告書概要(欧文)」より
• [Journal Article] A Study on Higher Order Differential Attack of Camellia (III) (2003)
  • Author(s): M.Takeda, T.Kaneko
  • Journal Title: Proceedings of APSITT 2003 Pages: 209-214
  • Description: 「研究成果報告書概要(欧文)」より
• [Journal Article] Higher Order Differential Attack of Camellia(II) (2002)
  • Author(s): Y.Hatano, T.Kaneko
  • Journal Title: Lecture Notes in Computer Science 2595 Pages: 129-146
  • NAID: 110003295985
  • Description: 「研究成果報告書概要(和文)」より
• [Publications] 倉松, 秦野, 金子: "共通鍵ブロック暗号のための強度評価ライブラリ"情報理論とその応用シンポジウム(SITA2003). 26. 41-44 (2003)
• [Publications] Y.Hatano, H.Tanaka, T.Kaneko: "An optimized Algebraic Method for Higher Order Differential Attack"Lecture Notes in Computer Science. 2643. 61-70 (2003)
• [Publications] 畠山和也, 秦野康夫, 金子敏信: "IDEAの弱鍵に関する一考察"電子情報通信学会技術研究報告. ISEC2003-57. 43-47 (2003)
• [Publications] M.Shirota, N.Sugio, Y.Hatano, H.Tanaka, T.Kaneko: "A Higher Order Differential Attack of 7-round MISTY1 without FL Function"APSITT 2003 Proceedings. 5. 203-208 (2003)
• [Publications] M.Takeda, T.Kaneko: "A Study on Higher Order Differential Attack of Camellia (III)"APSITT 2003 Proceedings. 5. 209-214 (2003)
• [Publications] 殿村裕司, 秦野康夫, 金子敏信: "RISMの高階差分特性"暗号と情報セキュリティシンポジウムSCIS2004. 1233-1238 (2004)
• [Publications] T.Kawabata, M.Takeda, T.Kaneko: "A Study on Higher Order Differential Attack of Camellia"IEICE Trans. on Fundamentals of Electronics, Communications and Computer Science. E86-A・No.1. 31-36 (2003)
• [Publications] Y.Hatano, T.Kaneko: "Higher Order Differential Attack of Camellia(II)"Lecture Notes in Computer Science. 2595. 129-146 (2002)
• [Publications] N.Sugio, H.Tanaka, T.Kaneko: "Higher Order Differential Attack of KASUMI"ISITA 2002. 755-758 (2002)
• [Publications] 白田麻貴子, 杉尾信行, 秦野康生, 田中秀磨, 金子敏信: "MISTY1における上一段消去法の適用に関する一考察"暗号と情報セキュリティシンポジウムSCIS2003. 457-462 (2003)
• [Publications] 川端健, 鈴木大, 金子敏信: "共通鍵暗号の線形和攻撃に関する一考察"電子情報通信学会技術研究報告. ISEC2000-135. 49-56 (2001)
• [Publications] 関根泰樹, 金子敏信: "CIPHERUNICORN-AのTruncated差分攻撃耐性に関する一考察"電子情報通信学会技術研究報告. ISEC2001-120. 45-50 (2002)