Statistics of Random Permutations and the Cryptanalysis Of Periodic Block Ciphers

TL;DR

This paper uses generating functions to analyze the properties of random permutations and applies these insights to develop new cryptanalytic attacks on block ciphers like Keeloq and iterated AES-256, demonstrating the importance of permutation cycle structures.

Contribution

It introduces a novel application of generating functions to cryptanalysis, deriving rigorous attack probabilities and demonstrating vulnerabilities in highly-iterated block ciphers.

Findings

Developed attacks on Keeloq with precise success probabilities

Identified vulnerabilities in highly-iterated AES-256 in a Triple-DES style setup

Showcased the utility of generating functions in cryptanalytic research

Abstract

A block cipher is intended to be computationally indistinguishable from a random permutation of appropriate domain and range. But what are the properties of a random permutation? By the aid of exponential and ordinary generating functions, we derive a series of collolaries of interest to the cryptographic community. These follow from the Strong Cycle Structure Theorem of permutations, and are useful in rendering rigorous two attacks on Keeloq, a block cipher in wide-spread use. These attacks formerly had heuristic approximations of their probability of success. Moreover, we delineate an attack against the (roughly) millionth-fold iteration of a random permutation. In particular, we create a distinguishing attack, whereby the iteration of a cipher a number of times equal to a particularly chosen highly-composite number is breakable, but merely one fewer round is considerably more secure. We then extend this to a key-recovery attack in a "Triple-DES" style construction, but using AES-256 and iterating the middle cipher (roughly) a million-fold. It is hoped that these results will showcase the utility of exponential and ordinary generating functions and will encourage their use in cryptanalytic research.