GOST 28147 is a 256-bit key 64-bit block cipher developed by the USSR, later adopted by the Russian government as a national standard. In 2010, GOST was suggested to be included in ISO/IEC 18033-3, but was rejected due to weaknesses found in its key schedule. In 2015, a new version of GOST was suggested with the purpose of mitigating such attacks. In this paper, we show that similar weaknesses exist in the new version as well. More specifically, we present a fixed-point attack on the full cipher with time complexity of 2^237 encryptions. We also present a reflection attack with time complexity of 2^192 for a key that is chosen from a class of 2^224 weak keys. Finally, we discuss an impossible reflection attack which improves on exhaustive search by a factor of 2e, and several possible related-key attacks.
We cryptanalyze several symmetric encryption and hashing algorithms. A central factor in the security of symmetric cryptographic algorithms is the resistance of their core building block, the primitive, against cryptanalytic attacks such as differential, linear, and algebraic cryptanalysis. The fundamental idea of differential cryptanalysis is to extract secret information or forge malicious messages by investigating the behavior of the primitive for two related, slightly different inputs, and has proven both very powerful and highly versatile since its inception in the 1990s. Resistance against such attacks is thus one of the cornerstones in the design of block ciphers. More recently, alternative symmetric primitives have risen to general attention: permutations and tweakable block ciphers in particular have shown the potential to rival block ciphers in their role as the ideal primitive for efficient and elegant schemes. However, the available cryptanalytic tools and theory on the design and analysis of these alternative primitives are arguably less mature than for block ciphers. We investigate the security of these primitives against differential cryptanalysis. Compared to classic block ciphers, adversaries who target permutations or tweakable block ciphers can take advantage of known, chosen, or related round-key material. We find that in some cases, the designers' block-cipher-based design strategies do not sufficiently protect against variations of the classical differential strategy. In particular, we break the full security claims of the tweakable block cipher MANTIS-5 and the permutation Simpira v1. We provide a key recovery attack for the round-reduced block cipher LowMC and analyze the authenticated cipher Prøst in a related-key setting. We also develop techniques to improve the computer-aided differential analysis of unkeyed primitives, leading to the best practical collision attacks on the round-reduced hash standard SHA-2.
This work was partially funded by the European Union's Horizon 2020 ...
In this research work, some low-complexity and efficient cryptanalysis approaches are proposed to recover passwords (encryption keys). Passwords are still one of the most common means of securing computer systems. Most organizations rely on password authentication systems, and therefore it is very important for them to require their users to have strong passwords. They usually ignore the importance of the usability of the password for the users. The more complex the rules are, the more they frustrate users, who end up with coping strategies such as adding "123" at the end of their passwords or repeating a word to make their passwords longer, which reduces the security of the password. More importantly, there is no scientific basis for these password creation policies that would ensure that passwords created under these rules are resistant to real attacks. The current research work describes different password creation policies and password checkers that try to help users create strong passwords, and addresses their issues. Metrics for password strength are explored in this research, and efficient approaches to calculate these metrics for password distributions are introduced. Furthermore, an efficient technique to estimate password strength based on its likelihood of being cracked by an attacker is described. In addition, a tool called PAM has been developed and is explained in detail in this paper to help users have strong passwords using these metrics; PAM is a password analyzer and modifier.
Conventional cryptanalysis techniques necessitate an extensive analysis of the non-linear functions defining the relationship between plain data, key, and the corresponding cipher data. These functions have very high-degree terms and make cryptanalysis work extremely difficult. The advent of deep learning algorithms, along with better and more efficient computing resources, has brought new opportunities to analyze cipher data in its raw form. The basic principle of designing a cipher is to introduce randomness into it, which means the absence of any patterns in the cipher data. Due to this fact, the analysis of cipher data in its raw form becomes essential. Deep learning algorithms differ from conventional machine learning algorithms in that the former work directly on raw data without any formal requirement for feature selection or feature extraction steps. With these facts and the assumption that deep learning algorithms are suitable for cipher data, the authors introduce a deep-learning-based method for finding biases in stream ciphers in the black-box analysis model. The proposed method has the objective of predicting the occurrence of an output bit/byte at a specific location in the keystream generated by the stream cipher. The authors validate their method on the stream cipher RC4 and its improved variant RC4A and discuss the results in detail. Further, the authors apply the method to two more stream ciphers, namely Trivium and TRIAD. The proposed method finds a bias in RC4 and shows the absence of this bias in its improved variant and in the other two ciphers. Focusing on RC4, the authors present a comparative analysis with some existing methods in terms of approach and observations, and show that their process is more straightforward and less complicated than the existing ones.