Meet-in-the-middle attack

Meet-in-the-middle attack
Not to be confused with man-in-the-middle attack.

The meet-in-the-middle attack is a cryptographic attack which, like the birthday attack, makes use of a space-time tradeoff. While the birthday attack attempts to find two values in the domain of a function that map to the same value in its range, the meet-in-the-middle attack attempts to find a value in each of the range and domain of the composition of two functions such that the forward mapping of one through the first function is the same as the inverse image of the other through the second function — quite literally meeting in the middle of the composed function.

Contents

History

It was first developed as an attack on an attempted expansion of a block cipher by Diffie and Hellman in 1977. When trying to improve the security of a block cipher, one might get the idea to simply use two independent keys to encrypt the data twice. Naively, one might think that this would square the security of the double-encryption scheme. Certainly, an exhaustive search of all possible combination of keys would take 22n attempts if each key is n bits long, compared to the 2n attempts required for a single key.

Diffie and Hellman, however, devised a time-memory tradeoff that could break the scheme in only double the time to break the single-encryption scheme.[1] The attack works by encrypting from one end and decrypting from the other end, thus meeting in the middle.

Example

Assume the attacker knows a set of plaintext and ciphertext: P and C. That is,

C=E_{K_2}(E_{K_1}(P)) ,

where E is the encryption function (cipher), and K1 and K2 are the two keys.

The attacker can then compute EK(P) for all possible keys K and store the results in memory. Afterwards he can decrypt the ciphertext by computing DK(C) for each K. Any matches between these two resulting sets are likely to reveal the correct keys. (To speed up the comparison, the EK(P) set is stored in an in-memory lookup table, then each DK(C) can be matched against the values in the lookup table to find the candidate keys.)

Once the matches are discovered, they can be verified with a second test-set of plaintext and ciphertext. If the keysize is n, this attack uses only 2n + 1 encryptions (and O(2n) space) in contrast to the naive attack, which needs 22n encryptions (but only O(1) space).

See also

References

  1. ^ Diffie, Whitfield; Hellman, Martin E. (June 1977). "Exhaustive Cryptanalysis of the NBS Data Encryption Standard". Computer 10 (6): 74–84. doi:10.1109/C-M.1977.217750. http://www.computer.org/portal/web/csdl/doi/10.1109/C-M.1977.217750. 
v · d · e Block ciphers (security summary)
Common
algorithms
Less common
algorithms
Camellia · CAST-128 · IDEA · RC2 · RC5 · SEED · Skipjack · TEA · XTEA
Other
algorithms
3-Way · ABC · Akelarre · Anubis · ARIA · BaseKing · BassOmatic · BATON · BEAR and LION · CAST-256 · CIKS-1 · CIPHERUNICORN-A · CIPHERUNICORN-E · CLEFIA · CMEA · Cobra · COCONUT98 · Crab · Cryptomeria/C2 · CRYPTON · CS-Cipher · DEAL · DES-X · DFC · E2 · FEAL · FEA-M · FROG · G-DES · GOST · Grand Cru · Hasty Pudding cipher · Hierocrypt · ICE · IDEA NXT · Intel Cascade Cipher · Iraqi · KASUMI · KeeLoq · KHAZAD · Khufu and Khafre · KN-Cipher · Ladder-DES · Libelle · LOKI97 · LOKI89/91 · Lucifer · M6 · M8 · MacGuffin · Madryga · MAGENTA · MARS · Mercy · MESH · MISTY1 · MMB · MULTI2 · MultiSwap · New Data Seal · NewDES · Nimbus · NOEKEON · NUSH · Q · RC6 · REDOC · Red Pike · S-1 · SAFER · SAVILLE · SC2000 · SHACAL · SHARK · SMS4 · Spectr-H64 · Square · SXAL/MBAL · Threefish · Treyfer · UES · Xenon · xmx · XXTEA · Zodiac
Design
Attack
(cryptanalysis)
Brute force · Linear · Differential (Impossible · Truncated· Integral · Boomerang · Mod n · Related-key · Slide · Rotational · Timing · XSL
Standardization
Misc
v · d · e Cryptography

Wikimedia Foundation. 2010.

Игры ⚽ Поможем решить контрольную работу

Look at other dictionaries:

  • Man-in-the-middle attack — Not to be confused with Meet in the middle attack. In cryptography, the man in the middle attack (often abbreviated MITM), bucket brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent …   Wikipedia

  • The Heart Attack — Infobox Television episode Title = The Heart Attack Series = Seinfeld Caption = Elaine and Jerry visit George in the hospital. Season = 2 Episode = 13 Airdate = April 25 1991 Production = Writer = Larry Charles Director = Tom Cherones Guests =… …   Wikipedia

  • List of Malcolm in the Middle episodes — Malcolm in the Middle ran for seven seasons from 2000 to 2006 with 151 episodes produced. Contents 1 Series overview 2 Season 1: 2000 3 Season 2: 2000–2001 4 …   Wikipedia

  • The Amanda Show — Format Sketch comedy Variety show Created by Dan Schneider Starring Amanda Bynes …   Wikipedia

  • Middle Eastern theatre of World War I — Middle Eastern theatre Part of World War I Gallipoli Campaign, April 191 …   Wikipedia

  • The Twins of Destiny — (known as Les Jumeaux du Bout du Monde in French) was a 1991 animated television series produced by French writer Jean Chalopin. It followed the (fictional) quest of two children, Jules and Julie, in their travels across Eurasia seeking to… …   Wikipedia

  • The Two Towers — is the second volume of J. R. R. Tolkien s high fantasy novel The Lord of the Rings . It is preceded by The Fellowship of the Ring and followed by The Return of the King .Title The Lord of the Rings is composed of 6 books , aside from an… …   Wikipedia

  • The Kingdom (film) — The Kingdom Promotional poster Directed by Peter Berg Produced by …   Wikipedia

  • The Red Sea Sharks — (Coke en stock) Cover of the English edition Publisher Casterman …   Wikipedia

  • The Colbert Report — logo Genre Comedy, Satire, News parody …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”