OBAKE Cryptanalysis: Differential


The differential analysis is based on the changes in plaintext information using the same secret key. This way, the propagation (or not) of this change can be lead the attacker to assembly a dictionary of possible keys based on the ciphertext information. Suppose a slight change in the plaintext (original data) causes a significant change in the ciphertext (encrypted information). In that case, it becomes evident that the algorithm is resistant to this attack.

NPCR - Net Pixel Chaneg rate

NPCR1
NPCR2

The algorithm we utilized was the NPCR (Net Pixel Change Rate), which basically compares the binary results among different sets. It is normally used to check randomness between images, but its comparison is perfect for differential analysis on any data set. Since we used three files (Dif1, Dif2, and Dif3) and we also have three encrypted files of each algorithm, using a comparison between the files 1x2, 1x3, and 2x3 is perfectly acceptable as a kind of Differential analysis.

For our test, we encrypted three files in TXT using the same secret-key (the letter "a"), each one containing only one sequence in ASCII plaintext mode (aiming to make the attack as easy as possible) and modifying only 1 byte between them, as shown below:


Dif1.txt:

ABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890


Dif2.txt:

ABCDEFGHIJKLMNO@QRSTUVWXYZ01234567890


Dif3.txt:

ABCDEFGHIJKLMNOPQRSTUVWXYZ01233567890


The algorithm we utilized was the NPCR (Net Pixel Change Rate), which basically compares the binary results among different sets. It checks randomness between images, but its comparison is perfect for differential analysis on any data set. Since we used three files (Dif1, Dif2, and Dif3), we also have three encrypted files of each algorithm, using a comparison between the files 1x2, 1x3, and 2x3.


In our test, we selected the block ciphers (OBAKE-512 and AES-CBC) as the two stream ciphers (AES-NI and the XSalsa20). As can be viewed, OBAKE-512 changes all bytes of the encryption result, independent of the plaintext data being the same or similar on most.


The result shows that we got the maximum grade in all comparisons (100%), indicating that all bytes differ between the two compared files. This is the evidence that OBAKE-512 is strong in relation to differential and known-text attacks.


Notice that on stream-ciphers is normal a lower rate since the change in ciphertext occurs mainly (not necessarily "only") after the changed byte in the plaintext.


If you want details about the program and the files used here, please visit this page.

Differential Analysis

Bibliographic references


J. S. Y.Wu, "NPCR and UACI Randomness Tests for Image Encryption," Cyber Journals: Multidisciplinary Journals in Science and Technology, Journal of Selected Areas in Telecommunications (JAST), no. April, 2011.

A. Biryukov, J. Nakahara et al., "Differential entropy analysis of the IDEA block cipher", Journal of Computational and Applied Mathematics, Vol 259 Part B, 2014

T.M. Cover, J.A. Thomas, "Elements of Information Theory", Wiley-Interscience, 1991

D. Stinson, "Criptography: Theory and Practice", Chapman & Hall/CRC, 2006.

A. Biryukov, "Encyclopedia of Cryptography and Security", H. C. v. Tilborg, Ed., SpringerScience+Business Media LLC, 2011.