Paper 2007/227

Related-Key Statistical Cryptanalysis

Darakhshan J. Mir and Poorvi L. Vora


This paper presents the Cryptanalytic Channel Model (CCM). The model treats statistical key recovery as communication over a low capacity channel, where the channel and the encoding are determined by the cipher and the specific attack. A new attack, related-key recovery -- the use of $n$ related keys generated from $k$ independent ones -- is defined for all ciphers vulnerable to single-key recovery. It is shown to correspond to the use of a concatenated code over the channel, where the relationship among the keys determines the outer code, and the cipher and the attack the inner code. It is shown that there exists a relationship among keys for which the communication complexity per bit of independent key is finite, for any probability of key recovery error. This may be compared to the unbounded communication complexity per bit of the single-key-recovery attack. The practical implications of this result are demonstrated through experiments on reduced-round DES.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
cryptanalysisinformation theory
Contact author(s)
poorvi @ gwu edu
2007-07-07: revised
2007-06-19: received
See all versions
Short URL
Creative Commons Attribution


      author = {Darakhshan J.  Mir and Poorvi L.  Vora},
      title = {Related-Key Statistical Cryptanalysis},
      howpublished = {Cryptology ePrint Archive, Paper 2007/227},
      year = {2007},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.