Fast message franking: From invisible salamanders to encryptment
Message franking enables cryptographically verifiable reporting of abusive messages in end-
to-end encrypted messaging. Grubbs, Lu, and Ristenpart recently formalized the needed …
to-end encrypted messaging. Grubbs, Lu, and Ristenpart recently formalized the needed …
Four attacks and a proof for Telegram
We study the use of symmetric cryptography in the MTProto 2.0 protocol, Telegram's
equivalent of the TLS record protocol. We give positive and negative results. On the one …
equivalent of the TLS record protocol. We give positive and negative results. On the one …
Related-key rectangle attack on 36 rounds of the XTEA block cipher
J Lu - International Journal of Information Security, 2009 - Springer
XTEA is a 64-round block cipher with a 64-bit block size and a 128-bit user key, which was
designed as a short C program that would run safely on most computers. In this paper, we …
designed as a short C program that would run safely on most computers. In this paper, we …
Related-key rectangle attacks on reduced AES-192 and AES-256
This paper examines the security of AES-192 and AES-256 against a related-key rectangle
attack. We find the following new attacks: 8-round reduced AES-192 with 2 related keys, 10 …
attack. We find the following new attacks: 8-round reduced AES-192 with 2 related keys, 10 …
Higher-order differential attack on reduced SHA-256
M Lamberger, F Mendel - Cryptology ePrint Archive, 2011 - eprint.iacr.org
In this work, we study the application of higher-order differential attacks on hash functions.
We show a second-order differential attack on the SHA-256 compression function reduced …
We show a second-order differential attack on the SHA-256 compression function reduced …
Advanced differential-style cryptanalysis of the NSA's skipjack block cipher
J Kim*, RCW Phan** - Cryptologia, 2009 - Taylor & Francis
Skipjack is a block cipher designed by the NSA for use in US government phones, and
commercial mobile and wireless products by AT&T. Among its initial implementations in …
commercial mobile and wireless products by AT&T. Among its initial implementations in …
Second-order differential collisions for reduced SHA-256
In this work, we introduce a new non-random property for hash/compression functions using
the theory of higher order differentials. Based on this, we show a second-order differential …
the theory of higher order differentials. Based on this, we show a second-order differential …
A bit-vector differential model for the modular addition by a constant and its applications to differential and impossible-differential cryptanalysis
SA Azimi, A Ranea, M Salmasizadeh… - Designs, Codes and …, 2022 - Springer
ARX algorithms are a class of symmetric-key algorithms constructed by Addition, Rotation,
and XOR. To evaluate the resistance of an ARX cipher against differential and impossible …
and XOR. To evaluate the resistance of an ARX cipher against differential and impossible …
Attacking reduced-round versions of the SMS4 block cipher in the Chinese WAPI standard
J Lu - … Security: 9th International Conference, ICICS 2007 …, 2007 - Springer
SMS4 is a 32-round block cipher with a 128-bit block size and a 128-bit user key. It is used
in WAPI, the Chinese WLAN national standard. In this paper, we present a rectangle attack …
in WAPI, the Chinese WLAN national standard. In this paper, we present a rectangle attack …
Towards accurate statistical analysis of security margins: New searching strategies for differential attacks
In today's world of the internet, billions of computer systems are connected to one another in
a global network. The internet provides an unsecured channel in which hundreds of …
a global network. The internet provides an unsecured channel in which hundreds of …