Slashdot Mirror


New Attack Against Multiple Encryption Functions

An anonymous reader sends word of a paper presented a few days back by Adi Shamir, the S in RSA, that promises a new form of mathematical attack against a broad range of cryptographic ciphers. The computerworld.com.au report leans heavily on Schneier's blog entry from the Crypto 2008 conference and the attached comments. Shamir's paper has not been published yet. "[The new attack could affect] hash functions (such as MD5, SHA-256), stream ciphers (such as RC4), and block ciphers (such as DES, Triple-DES, AES) at the Crypto 2008 conference. The new method of cryptanalysis has been called a 'cube attack' and formed part of Shamir's invited presentation at Crypto 2008 — 'How to solve it: New Techniques in Algebraic Cryptanalysis.' The new attack method isn't necessarily going to work against the exact ciphers listed above, but it offers a new generic attack method that can target basically formed ciphers irrespective of the basic cipher method in use, provided that it can be described in a 'low-degree polynomial equation'... What may be the biggest outcome from this research is the range of devices in widespread use that use weaker cryptographic protection, due to power or size limitations, that are now vulnerable to a straightforward mathematical attack."
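The summary's condition, that the method applies to anything expressible as a low-degree polynomial, is easiest to see on a toy. The Python below is an added illustration, not code from Shamir's paper or the article: a constructed 4-bit-key polynomial `toy_cipher` stands in for a cipher, and the cube-attack idea (XOR the output over a "cube" of public bits so that only a low-degree "superpoly" in the key remains, keep the cubes whose superpoly is linear, then solve the linear system) is implemented from the published description of the technique; the function and the cube choices are my own assumptions.

```python
from itertools import product
N_KEY, N_PUB = 4, 4  # 4 secret key bits, 4 public (IV) bits

def toy_cipher(k, v):
    # Constructed toy output bit: a low-degree GF(2) polynomial in key k and IV v (not a real cipher).
    return (v[0]*v[1]*(k[0] ^ k[2] ^ 1) ^ v[1]*v[2]*(k[1] ^ k[3]) ^ v[0]*v[2]*k[3]
            ^ v[1]*v[3]*(k[0] ^ k[1]) ^ v[3]*k[0]*k[1] ^ v[0]*v[1]*v[2]*k[1]*k[2]) & 1

def cube_sum(key, cube):
    # XOR the output over all 2^|cube| settings of the cube variables (other public bits 0).
    # Monomials lacking the full cube product cancel mod 2; the survivor is the "superpoly" in the key.
    total = 0
    for bits in product((0, 1), repeat=len(cube)):
        v = [bits[cube.index(j)] if j in cube else 0 for j in range(N_PUB)]
        total ^= toy_cipher(key, v)
    return total

def superpoly(cube):
    # Offline phase (attacker picks keys): read off constant and linear coefficients, then confirm
    # linearity. With 4 key bits the check is exhaustive; real attacks use probabilistic tests.
    c = cube_sum([0] * N_KEY, cube)
    coef = [cube_sum([int(j == i) for j in range(N_KEY)], cube) ^ c for i in range(N_KEY)]
    for k in product((0, 1), repeat=N_KEY):
        if cube_sum(k, cube) != c ^ (sum(a * b for a, b in zip(coef, k)) % 2):
            return None  # nonlinear superpoly: this cube yields no equation, drop it
    return coef, c

def solve_gf2(rows, rhs):
    # Gaussian elimination over GF(2); assumes a square, full-rank system.
    n = len(rows)
    m = [row + [r] for row, r in zip(rows, rhs)]
    for col in range(n):
        piv = next(i for i in range(col, n) if m[i][col])
        m[col], m[piv] = m[piv], m[col]
        for i in range(n):
            if i != col and m[i][col]:
                m[i] = [a ^ b for a, b in zip(m[i], m[col])]
    return [m[i][n] for i in range(n)]

def recover_key(secret, cubes=((0, 1), (1, 2), (0, 2), (1, 3), (3,), (0, 1, 2))):
    # Online phase: only chosen-IV queries against the unknown key; each surviving cube is one equation.
    rows, rhs, rejected = [], [], []
    for cube in cubes:
        sp = superpoly(cube)
        if sp is None:
            rejected.append(cube); continue
        rows.append(sp[0])
        rhs.append(cube_sum(secret, cube) ^ sp[1])
    return solve_gf2(rows, rhs), rejected
```

With the constructed function, cubes `(3,)` and `(0, 1, 2)` are rejected because their superpolys are `k0*k1` and `k1*k2`, while the remaining four give independent linear equations and recover all four key bits.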

5 of 130 comments

  1. news at 11? by Zironic · Score: 0, Redundant

    Low degree polynomials are relatively easy to crack, news at 11?

    I thought most people used RSA nowadays because of its mathematical unbreakability (huge polynomial).

    Breaking of the stream ciphers can be a problem though.

  2. Elliptic Curve by extirpater · Score: 0, Redundant

    I'm wondering if elliptic curve cryptography is vulnerable to this kind of attack since it's about polynomial equations.

  3. Use two different encryption methods. by Futurepower(R) · Score: 1, Redundant

    My understanding is that this is the big issue about mathematical attacks: They depend on the encryption method. If you merely encrypt things more than once, using two or more different encryption methods, the chances there will ever be a successful mathematical attack are very, very small.

    I have an enormous amount of respect for Bruce Schneier, but his writing is designed to get him business, not to give easy answers to big problems.

    I recommend GNU Privacy Guard.

  4. Doesn't Affect me by exabrial · Score: 0, Redundant

    My data is safe since I see that ROT13 isn't affected... Nice try you so-called 'crypto experts'!

  5. "Cube" attack by dpilot · Score: 1, Redundant

    TFA (I read it a day or two ago, before it was posted to Slashdot) mentions this as a "cube" attack, along with the low-order polynomial stuff, etc.

    Does this also mean that TIMECUBE is busted?
    I know it's been a while since TIMECUBE reared its ugly head here, but it would be good to hear that it's fully busted, not just sleeping.

    (For the humor impaired, I know the cube attack has nothing to do with TIMECUBE other than sharing 4 letters, but it seemed like a neat idea.)

    --
    The living have better things to do than to continue hating the dead.