On Related-Key and Collision Attacks: The Case for the IBM 4758 Cryptoprocessor

Raphael Chung-Wei Phan; Helena Handschuh

On Related-Key and Collision Attacks: The Case for the IBM 4758 Cryptoprocessor

Raphael Chung-Wei Phan, Helena Handschuh

Published: 01 Jan 2004, Last Modified: 13 Nov 2024ISC 2004EveryoneRevisionsBibTeXCC BY-SA 4.0

Abstract: We consider how related-key attacks can be mounted on the IBM 4758 cryptoprocessor, and also show that its EDEx multiple mode is far less secure than one could believe. As few as about 232 known plaintexts and related-key known ciphertexts in the first case, and 234 chosen ciphertexts in the second case are required to mount key-recovery attacks. These results show that seemingly academic attacks seriously need to be taken into consideration when it comes to real-life implementations.

Loading