翻訳と辞書 Words near each other ・ "O" Is for Outlaw ・ "O"-Jung.Ban.Hap. ・ "Ode-to-Napoleon" hexachord ・ "Oh Yeah!" Live ・ "Our Contemporary" regional art exhibition (Leningrad, 1975) ・ "P" Is for Peril ・ "Pimpernel" Smith ・ "Polish death camp" controversy ・ "Pro knigi" ("About books") ・ "Prosopa" Greek Television Awards ・ "Pussy Cats" Starring the Walkmen ・ "Q" Is for Quarry ・ "R" Is for Ricochet ・ "R" The King (2016 film) ・ "Rags" Ragland ・ ! (album) ・ ! (disambiguation) ・ !! ・ !!! ・ !!! (album) ・ !!Destroy-Oh-Boy!! ・ !Action Pact! ・ !Arriba! La Pachanga ・ !Hero ・ !Hero (album) ・ !Kung language ・ !Oka Tokat ・ !PAUS3 ・ !T.O.O.H.! ・ !Women Art Revolution Dictionary Lists mini英和辞書 mini和英辞書 Webster 1913 Latin-English FOLDOC Wikipedia English ウィキペディア

翻訳と辞書　辞書検索 [ 開発暫定版 ] スポンサード リンク boomerang attack ： ウィキペディア英語版 boomerang attack In cryptography, the boomerang attack is a method for the cryptanalysis of block ciphers based on differential cryptanalysis. The attack was published in 1999 by David Wagner, who used it to break the COCONUT98 cipher. The boomerang attack has allowed new avenues of attack for many ciphers previously deemed safe from differential cryptanalysis. Refinements on the boomerang attack have been published: the amplified boomerang attack, then the rectangle attack. ==The attack== The boomerang attack is based on differential cryptanalysis. In differential cryptanalysis, an attacker exploits how differences in the input to a cipher (the plaintext) can affect the resultant difference at the output (the ciphertext). A high-probability "differential" (that is, an input difference that will produce a likely output difference) is needed that covers all, or nearly all, of the cipher. The boomerang attack allows differentials to be used which cover only part of the cipher. The attack attempts to generate a so-called "quartet" structure at a point halfway through the cipher. For this purpose, say that the encryption action, ''E'', of the cipher can be split into two consecutive stages, ''E''0 and ''E''1, so that ''E(M)'' = ''E''1(''E''0(M)), where ''M'' is some plaintext message. Suppose we have two differentials for the two stages; say, :$\backslash Delta\backslash to\backslash Delta^$ * for ''E''0, and :$\backslash nabla\backslash to\backslash nabla^$ * for ''E''1−1 (the decryption action of ''E''1). The basic attack proceeds as follows: * Choose a random plaintext $P$ and calculate $P\text{'}\; =\; P\; \backslash oplus\; \backslash Delta$. * Request the encryptions of $P$ and $P\text{'}$ to obtain $C\; =\; E(P)$ and $C\text{'}\; =\; E(P\text{'})$ * Calculate $D\; =\; C\; \backslash oplus\; \backslash nabla$ and $D\text{'}\; =\; C\text{'}\; \backslash oplus\; \backslash nabla$ * Request the decryptions of $D$ and $D\text{'}$ to obtain $Q\; =\; E^(D)$ and $Q\text{'}\; =\; E^(D\text{'})$ * Compare $Q$ and $Q\text{'}$; when the differentials hold, $Q\; \backslash oplus\; Q\text{'}\; =\; \backslash Delta$. 抄文引用元・出典: フリー百科事典『 ウィキペディア（Wikipedia）』 ■ウィキペディアで「boomerang attack」の詳細全文を読む スポンサード リンク 翻訳と辞書 : 翻訳のためのインターネットリソース Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.