< Back to previous page


Cryptanalysis of symmetric primitives using techniques from numerical optimization.

It is hard to overestimate the ubiquity and importance of secure
communications and information processing in modern society. From
private individuals to industry or governments --- they all rely on
technology guaranteeing the confidentiality, integrity and
authenticity of their communication. To realise these security goals,
one relies on cryptographic algorithms</>, often totally
transparent to theirusers.

For a cryptographic algorithm to be useful, it is important to have a
good understanding to which extent it actually achieves the intended
security goals. Progress in understanding how to analyse("break")
cryptographic algorithms is going to improve our understanding of how
to design them, and vice versa. At the same time, obtaining rigorous
statements about the security guarantees offered by algorithms on the
one hand, and the power of attacks on the other hand is an important
complement to the perpetual interplay between cryptanalysis and

This thesis is dedicated to the study of symmetric-key cryptographic
algorithms, which form the backbone of virtually all security systems.
It aims at improving the understanding of these algorithms by
extending the mathematical foundations regarding design, analysis, and
security proofs of symmetric algorithms.

As a first contribution, we propose nonsmooth cryptanalysis</>, a
novel technique for the analysis of symmetric algorithms based on the
application of methods from nonsmooth optimisation to the solving of
equations over finite fields of characteristic two. We then focus on
rebound attacks</>, a powerful recent method for the cryptanalysis
of hash functions. In this context, we demonstrate new extensions of
this attack on the hash function Grøstl-0, and analyse how to design
a hash function which is resistant to rebound attacks, leading to the
new hash function Whirlwind</>.

Incorporating the advances in cryptanalysis into new design criteria
also requires a rigorous understanding of the exact power of these
attacks. We study two important cryptanalysis methods, linear
cryptanalysis and differential attacks using structures, and obtain
more precise and realistic mathematical models for the complexity
analysis of these attacks. In both cases, we base our study on a
deepened analysis of the statistical phenomena exploited by these

Complementing this analysis, we consider the question of ideal
statistical behaviour with regard to linear and differential
cryptanalysis and some of their extensions, providing an explicit
characterisation of a referencepoint</> for resistance against
these attacks. 

Finally,we study key-alternating ciphers</> from a structural
point of view. With the ubiquitous Advanced Encryption Standard (AES)
belonging to this class, key-alternating ciphers are a particularly
important way of constructing a block cipher. We prove that
key-alternatingciphers can be considered a sound construction
principle. In the context of its resistance to linear attacks, our
study especially highlights the constructive effect of having
multiple, but not too many rounds in such a design.

Date:1 Oct 2008 →  15 Oct 2012
Disciplines:Applied mathematics in specific fields, Computer architecture and networks, Distributed computing, Information sciences, Information systems, Programming languages, Scientific computing, Theoretical computer science, Visual computing, Other information and computing sciences, Communications, Communications technology
Project type:PhD project