Questions tagged [meet-in-the-middle-attack]
The meet-in-the-middle attack is an optimized brute-force attack that significantly reduces the number of keys the attacker needs to try by utilizing a time-space trade-off. Work is done from the beginning and from the end of the scheme, and the results are combined linearly rather than exponentially.
80
questions
2
votes
0
answers
46
views
Design criteria of block ciphers in quantum setting
Some design criteria of block ciphers are already known for the resistance against known attacks like differential, linear , boomerang, etc. Does there already exist any study of design criteria of ...
- 31
1
vote
0
answers
99
views
Security of $E(c,k) = AES(c,(k \oplus c)\cdot (2^{n} - 1 - c)) $ used multiple times with low bit keys $k$. Avoids MitmA?
More precisely the Encryption function will be $E(c_i,k_i,i)$ with a 128-bit cipher/number $c_i$, a 16-bit encryption key $k_i$ and a 8-bit index $i$ as input using a
Xor key obfuscation $k'$ with ...
- 453
1
vote
0
answers
93
views
Time-memory tradeoffs in RSA Meet-in-the-Middle attack
We assume a standard secure RSA public key $(n,e)$, e.g. 3072-bit $n$ and $e=65537$.
The Meet-in-the-Middle attack (not to be confused with Man-in-the-Middle attack) on textbook RSA recovers $m$ from $...
- 143k
1
vote
1
answer
87
views
If meet in the middle is a known plaintext attack, and i already have both plaintext and ciphertext, why would i need to find the key?
since I already have plaintext and ciphertext why would I need the key for? what purpose would that serve?
user110859
1
vote
0
answers
59
views
By using a block cipher multiple times in a row is a 128-bit BC as secure as a 256-bit BC which uses his 128-key only as part of the message?
For given 128-bit numbers $S$ and $E$ we want to find a series of keys $k_i$ with
$$ E = BC(BC(BC(.....BC(S, k_1),k_2) ..k_n)$$
We can either use a 128-Bit blocksize block cipher similar to AES (ECB ...
- 453
1
vote
1
answer
93
views
How does the security of AES change if we allow multiple uses in a row? How does it change if we limit the key space? And introduce a filter function?
$$f_0 = A$$
$$f_{n+1}=AES(f_n,k_n)$$
$$f_i = B$$
For given 128-bit values $A, B$ we want to find a chain of suitable 128-bit keys $k_1$ to $k_i$.
The total length $i$ is undetermined. Every valid key ...
- 453
1
vote
1
answer
234
views
Post quantum hybrid model and its security
A hybrid scheme is a combination of a classical and a post-quantum scheme. In the hybrid model, if even the post-quantum section is broken, the hybrid scheme is still secure against non-quantum ...
- 11
2
votes
1
answer
198
views
What is the security of multiple encryption using Even–Mansour scheme (XEX)?
As I know, the best attack on single or double Even-Mansour scheme is N/2, being N the key size (or size of one of the two keys used).
I know that encrypting two times using this scheme is susceptible ...
- 877
2
votes
1
answer
95
views
Paper "How to Meet Ternary LWE Keys": What is t and how is it used
I have read again and again this paper from A. May, but, probably because I am new to this field, I don't succeed in understanding the MEET-LWE part.
In particular, in part 5 it states to choose a &...
- 61
0
votes
0
answers
68
views
Post-quantum security of multiple-encryption with CTR mode of operation while keeping the IVs secret
I received an answer in one of my questions saying that multiple-encryption with CTR mode of operation is vulnerable to a sort of meet-in-the-middle attack if the IVs are public. The same user said ...
- 877
3
votes
1
answer
139
views
Devising a Feistel cipher in which the subkeys are constructed badly so that a meet in the middle attack will compromise its security
I'm trying to find a Feistel cipher in which the subkeys are constructed badly so that a meet in the middle attack will compromise its security. I thought about trying out a cipher where all the ...
- 151
0
votes
0
answers
165
views
Time and space complexity analyzation of meet and middle attack of triple DES
How can we analyze the time and space complexity of meet and middle attack on a Triple-DES?
0
votes
0
answers
54
views
Is multiple encryption with XORs between each encryption operation susceptible to meet-in-the-middle attacks?
Let's suppose I take a cipher with key size equal to the block size (Threefish).
I XOR a random block in the ciphertext, encrypt with a key, XOR another random block, encrypt again with another key ...
- 877
2
votes
1
answer
128
views
Is multiple encryption using a block cipher mode of operation that use only encryption processes vulnerable to Meet-in-the-middle attacks?
Some block cipher modes of operation use only encryption processes, such as CFB, OFB and CTR.
If doing multiple encryptions using them, will these encipherment schemes be vulnerable to Meet-in-the-...
- 877
1
vote
1
answer
194
views
Is multiple encryption with XTS mode susceptible to Meet-in-the-middle attacks?
Let's suppose I encrypt something with AES-256 in XTS mode two times (there will be 4 four keys, 2 for each encryption operation), wanting to achive 512-bits of security.
Will this scheme be ...
- 877