This article includes a list of general references, but it lacks sufficient corresponding inline citations. Please help to improve this article by introducing more precise citations.(November 2018) (Learn how and when to remove this message)
In cryptography, the eXtended Sparse Linearization (XSL) attack is a method of cryptanalysis for block ciphers. The attack was first published in 2002 by researchers Nicolas Courtois and Josef Pieprzyk. It has caused some controversy as it was claimed to have the potential to break the Advanced Encryption Standard (AES) cipher, also known as Rijndael, faster than an exhaustive search. Since AES is already widely used in commerce and government for the transmission of secret information, finding a technique that can shorten the amount of time it takes to retrieve the secret message without having the key could have wide implications.
The method has a high work-factor, which unless lessened, means the technique does not reduce the effort to break AES in comparison to an exhaustive search. Therefore, it does not affect the real-world security of block ciphers in the near future. Nonetheless, the attack has caused some experts to express greater unease at the algebraic simplicity of the current AES.
In overview, the XSL attack relies on first analyzing the internals of a cipher and deriving a system of quadratic simultaneous equations. These systems of equations are typically very large, for example 8,000 equations with 1,600 variables for the 128-bit AES. Several methods for solving such systems are known. In the XSL attack, a specialized algorithm, termed eXtended Sparse Linearization, is then applied to solve these equations and recover the key.
The attack is notable for requiring only a handful of known plaintexts to perform; previous methods of cryptanalysis, such as linear and differential cryptanalysis, often require unrealistically large numbers of known or chosen plaintexts.
cryptography, the eXtended Sparse Linearization (XSL) attack is a method of cryptanalysis for block ciphers. The attack was first published in 2002 by researchers...
a fairly simple algebraic framework. In 2002, a theoretical attack, named the "XSLattack", was announced by Nicolas Courtois and Josef Pieprzyk, purporting...
Brisbane, Australia. He has worked on cryptography, in particular the XSLattack. He collaborated in the invention of the LOKI and LOKI97 block ciphers...
square and integral attacks, slide attacks, boomerang attacks, the XSLattack, impossible differential cryptanalysis, and algebraic attacks. For a new block...
University College London. Courtois was one of the co-authors of both the XSLattack against block ciphers, such as the Advanced Encryption Standard, and the...
In cryptography, a timing attack is a side-channel attack in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute...
cryptography, the Davies attack is a dedicated statistical cryptanalysis method for attacking the Data Encryption Standard (DES). The attack was originally created...
The rebound attack is a tool in the cryptanalysis of cryptographic hash functions. The attack was first published in 2009 by Florian Mendel, Christian...
1923. Later, Cox-Klemm built the improved XS-2 model, and Loening built the XSL, but the Navy had lost interest in the concept by then. Problems with launching...
Correlation attacks are a class of cryptographic known-plaintext attacks for breaking stream ciphers whose keystreams are generated by combining the output...
extend the number of possibly attacked rounds by the MITM attack. Since biclique cryptanalysis is based on MITM attacks, it is applicable to both block...
cryptography, an interpolation attack is a type of cryptanalytic attack against block ciphers. After the two attacks, differential cryptanalysis and...
cryptography, the boomerang attack is a method for the cryptanalysis of block ciphers based on differential cryptanalysis. The attack was published in 1999...
RFID technology. Their attack works on all known car and building access control systems that rely on the KeeLoq cipher. The attack by the Bochum team allows...
The slide attack is a form of cryptanalysis designed to deal with the prevailing idea that even weak ciphers can become very strong by increasing the number...
to date. No known successful attacks — attack only breaks a reduced version of the cipher Theoretical break — attack breaks all rounds and has lower...
(strengthened against differential cryptanalysis, but weakened against brute-force attacks), which was published as an official Federal Information Processing Standard...
resistant to this attack and many including the Advanced Encryption Standard, have been proven secure against the attack. The attack relies primarily on...
cryptography, a distinguishing attack is any form of cryptanalysis on data encrypted by a cipher that allows an attacker to distinguish the encrypted data...