nach oben

Erschienen in:

2024 | OriginalPaper | Buchkapitel

The Exact Multi-user Security of 2-Key Triple DES

verfasst von : Yusuke Naito, Yu Sasaki, Takeshi Sugawara

Erschienen in: Topics in Cryptology – CT-RSA 2024

Verlag: Springer Nature Switzerland

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

We study the tight multi-user (mu) security of 2-key triple encryption (2kTE) with its application to 2-key TDES. With an n-bit block and k-bit key primitive block cipher, our new mu lower bound regarding the number of primitive queries is \(2^{\min \{2k,k+n\}}/q\) with \(q\) construction queries, which matches the previous best attacks and is tight. The bound ensures \((112 - \log _2 q)\)-bit security with 2-key TDES, and this can be used to evaluate and predict the security of systems supporting 2-key TDES for legacy use. We finally show that the FX construction does not efficiently improve the mu security with 2kTE, unlike the previous result with 3-key triple encryption appeared in CCS 2022. We show a concrete key-recovery attack with \(O(2^{n+k}/q)\) primitive queries.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Automated-Based Rebound Attacks on ACE Permutation

Nächstes Kapitel Improved Meet-in-the-Middle Attacks on Nine Rounds of the AES-192 Block Cipher

The security of the single encryption is k bits by an exhaustive key search.

[9] is better with \(k<n\), e.g., DES, but it is out of the scope of [11] because \(q = 2^k\).

This is because in the ideal world, a random permutation and the underlying ideal cipher are independently defined.

Thus \(X^{(\alpha _1)} = M^{(\nu , \alpha )}\), \(W^{(\alpha _1)} = K_1^{(\nu )}\), and \(W^{(\alpha _2)} = K_2^{(\nu )}\).

This is because for each \(\nu \in [u]\), \(K_2^{(\nu )}\) is used at only the 2nd round.

Armknecht, F., Fleischmann, E., Krause, M., Lee, J., Stam, M., Steinberger, J.: The preimage security of double-block-length compression functions. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 233–251. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25385-0_13CrossRef

Barker, E., Mouha, N.: NIST special publication 800-67 rev. 2: recommendation for the triple data encryption algorithm (TDEA) block cipher (2017)

Barker, E., Roginsky, A.: NIST special publication 800-131A: transitioning the use of cryptographic algorithms and key lengths (2011)

Barker, E., Roginsky, A.: NIST special publication 800-131A revision 2: transitioning the use of cryptographic algorithms and key lengths (2019)

Bellare, M., Tackmann, B.: The multi-user security of authenticated encryption: AES-GCM in TLS 1.3. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 247–276. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_10CrossRef

Biham, E.: How to decrypt or even substitute DES-encrypted messages in \(2^{28}\) steps. Inf. Process. Lett. 84(3), 117–124 (2002)MathSciNetCrossRef

Chen, S., Lampe, R., Lee, J., Seurin, Y., Steinberger, J.: Minimizing the two-round even-Mansour cipher. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 39–56. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_3CrossRef

Degabriele, J.P., Govinden, J., Günther, F., Paterson, K.G.: The security of ChaCha20-Poly1305 in the multi-user setting. In: CCS 2021, pp. 1981–2003 (2021)

Diffie, W., Hellman, M.E.: Special feature exhaustive cryptanalysis of the NBS data encryption standard. Computer 10(6), 74–84 (1977)CrossRef

10.

EMVCo: EMV integrated circuit card specifications for payment systems, book2, security and key management version 4.3 (2011)

11.

Gazi, P., Lee, J., Seurin, Y., Steinberger, J.P., Tessaro, S.: Relaxing full-codebook security: a refined analysis of key-length extension schemes. In: FSE 2015, vol. 9054, pp. 319–341 (2015)

12.

Hoang, V.T., Tessaro, S.: Key-alternating ciphers and key-length extension: exact bounds and multi-user security. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 3–32. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_1CrossRef

13.

Hoang, V.T., Tessaro, S., Thiruvengadam, A.: The multi-user security of GCM, revisited: tight bounds for nonce randomization. In: CCS 2018, pp. 1429–1440 (2018)

14.

ISO: ISO/TR 19038:2005 banking and related financial services—triple DEA—modes of operation—implementation guidelines (2005)

15.

ISO: ISO/TR 14742:2010 financial services—recommendations on cryptographic algorithms and their use (2010)

16.

Kilian, J., Rogaway, P.: How to protect DES against exhaustive key search (an analysis of DESX). J. Cryptol. 14(1), 17–35 (2001)MathSciNetCrossRef

17.

Luykx, A., Mennink, B., Paterson, K.G.: Analyzing multi-key security degradation. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 575–605. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_20CrossRef

18.

Mitchell, C.J.: On the security of 2-key triple DES. IEEE Trans. Inf. Theory 62(11), 6260–6267 (2016)MathSciNetCrossRef

19.

Naito, Y., Sasaki, Y., Sugawara, T., Yasuda, K.: The multi-user security of triple encryption, revisited: exact security, strengthening, and application to TDES. In: CCS 2022 (2022)

20.

NIST: FIPS pub. 46-3: Data encryption standard (1999)

21.

van Oorschot, P.C., Wiener, M.J.: A known-plaintext attack on two-key triple encryption. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 318–325. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-46877-3_29CrossRef

22.

Patarin, J.: The “coefficients H’’ technique. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 328–345. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04159-4_21CrossRef

23.

Rescorla, E.: RFC 8446: the transport layer security (TLS) protocol version 1.3 (2018)

24.

Rescorla, E., Tschofenig, H., Modadugu, N.: The datagram transport layer security (DTLS) protocol version 1.3 (2021)

25.

Thomson, M., Turner, S.: Using TLS to secure QUIC. RFC 9001, 1–52 (2021)

26.

Ward, M.: How EMVCo is supporting card data encryption advancements for card personalisation (2021). https://www.emvco.com/emv_insights_post/how-emvco-is-supporting-card-data-encryption-advancements-for-card-personalisation. Accessed 15 Oct 2022

Titel: The Exact Multi-user Security of 2-Key Triple DES
verfasst von: Yusuke Naito
Yu Sasaki
Takeshi Sugawara
Verlag: Springer Nature Switzerland
Buch: Topics in Cryptology – CT-RSA 2024
Print ISBN: 978-3-031-58867-9

Electronic ISBN: 978-3-031-58868-6

Copyright-Jahr: 2024
DOI: https://doi.org/10.1007/978-3-031-58868-6_5

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner