International Association for Cryptologic Research


CryptoDB

Pascal Junod

Affiliation: University of Applied Sciences and Arts Western Switzerland

Publications

Year, Venue, Title

2015, EPRINT
2009, PKC
2009, FSE
2005, FSE
2004, ASIACRYPT
2003, EUROCRYPT
2003, FSE

2003, EPRINT: Did Filiol Break AES?
On January 8th 2003, Eric Filiol published on ePrint a paper (eprint.iacr.org/2003/003/) in which he claims that AES can be broken by a very simple and very fast ciphertext-only attack. If such an attack existed, it would be the biggest discovery in code-breaking in some 10 or more years. Unfortunately, the result is very hard to believe. In this paper we present the results of computer simulations done by several independent people, with independently written code. Nobody has confirmed a single anomaly in AES, even for much weaker versions of the bias claimed by the author. We also studied the source code provided by the author and found that the first version had various issues and bugs, and that the latest version still does not confirm the claimed result on AES.

2003, EPRINT: On the Optimality of Linear, Differential and Sequential Distinguishers
Pascal Junod
In this paper, we consider the statistical decision processes behind a linear and a differential cryptanalysis. By applying techniques and concepts of statistical hypothesis testing, we describe precisely the shape of optimal linear and differential distinguishers and we improve known results of Vaudenay concerning their asymptotic behaviour. Furthermore, we formalize the concept of "sequential distinguisher" and we illustrate potential applications of such tools in various statistical attacks.

2001, EPRINT: On the Complexity of Matsui's Attack
P. Junod
Linear cryptanalysis remains the most powerful attack against DES at this time. Given $2^{43}$ known plaintext-ciphertext pairs, Matsui expected a complexity of less than $2^{43}$ DES evaluations in 85% of the cases for recovering the key. In this paper, we present a theoretical and experimental complexity analysis of this attack, which has been simulated 21 times using the idle time of several computers. The experimental results suggest a complexity upper-bounded by $2^{41}$ DES evaluations in 85% of the cases, while more than half of the experiments needed less than $2^{39}$ DES evaluations. In addition, we give a detailed theoretical analysis of the attack complexity.

Program Committees

FSE 2016
FSE 2012
FSE 2011
CHES 2011
FSE 2008
FSE 2007