International Association for Cryptologic Research

Ph.D. Database

The aim of the IACR Ph.D. database is twofold. On the one hand, we want to offer an overview of Ph.D.s already completed in the domain of cryptology. Where possible, this should also include a subject classification, an abstract, and access to the full text. On the other hand, it deals with Ph.D. subjects currently under investigation. This way, we provide a timely map of contemporary research in cryptology. All entries or changes need to be approved by an editor. You can contact them via phds (at)


Lei Wei (#1012)
Name Lei Wei
Personal Homepage
Topic of his/her doctorate. Analysis of Iterated Block Ciphers
Category secret-key cryptography
Keywords cryptanalysis, block ciphers, Keccak, IDEA
Ph.D. Supervisor(s) Huaxiong Wang, San Ling
Year of completion 2012

A block cipher is the foundation stone of symmetric-key cryptography. Due to its simplicity and high performance, it is often the workhorse for providing confidentiality - one of the primary goals of cryptography. Hence the security of a block cipher is of fundamental importance in the entire infrastructure of cryptography, and therefore block ciphers shall be analyzed and evaluated. This practice is called block cipher cryptanalysis. In this thesis, we analyze a few block ciphers in the classic meet-in-the-middle model and in the recently proposed multidimensional linear cryptanalysis model.

Besides encryption, block ciphers are also one of the most versatile building blocks used for constructing many other cryptographic primitives. One such example is the compression function of cryptographic hash functions, and there is a close relation between the security analysis of block ciphers and hash functions. In addition, many dedicated cryptographic hash functions are designed with ideas used in block ciphers. Therefore, it is natural that many block cipher cryptanalysis techniques can be transferred to hash function analysis. In this thesis, we analyze hash functions with differential cryptanalysis and techniques inspired by differential cryptanalysis. On the other hand, recent advances in hash function cryptanalysis contribute to the analysis of block ciphers. We give one such example too.

In total we have four main topics on (or closely related to) the security analysis of block ciphers.

  1. We study the multidimensional extension to Matsui’s Algorithm 1 and find improvements that lower the attack’s costs. The new attacks are applied to 9-round and 4-round Serpent, with interesting observations on these improvements and the framework.
  2. We study meet-in-the-middle attacks and their application to the hardware-oriented block cipher Ktantan family and reduced DES. Several recent hash function analysis techniques are used for improving the first attacks.
  3. We conduct differential cryptanalysis for the internal permutation of the SHA-3 finalist Keccak and propose a method named “unaligned rebound attack”, for working with bitwise differential characteristics that have weak or no alignment.
  4. We investigate the block cipher IDEA under weak-key scenarios with respect to mainly differential properties, and find collision attacks for IDEA in single-length and double-block-length hashing modes. Similar investigation on a T-function property leads to a series of (pseudo-) preimage attacks in these modes.

Your Ph.D. thesis as fulltext 138_LeiWei_AnalysisIteratedBlockCiphers.pdf
Last Change 2014-06-21 12:26:19