- Introduces cryptography from a cryptanalytic perspective
- Covers linear algebra, sieving, brute force, algorithms based on the birthday paradox, Hadamard–Fourier–Walsh transforms, lattice reduction, and Gröbner bases
- Presents advanced applications, such as LFSR-based stream ciphers, lattice methods for cryptanalysis, elliptic curves, and index calculus methods
- Includes exercises, with some hints and solutions offered on http://www.joux.biz/algcrypt/
- Provides several C codes for download on http://www.joux.biz/algcrypt/

Illustrating the power of algorithms, **Algorithmic Cryptanalysis** describes algorithmic methods with cryptographically relevant examples. Focusing on both private- and public-key cryptographic algorithms, it presents each algorithm either as a textual description, in pseudo-code, or in a C code program.

Divided into three parts, the book begins with a short introduction to cryptography and a background chapter on elementary number theory and algebra. It then moves on to algorithms, with each chapter in this section dedicated to a single topic and often illustrated with simple cryptographic applications. The final part addresses more sophisticated cryptographic applications, including LFSR-based stream ciphers and index calculus methods.

Accounting for the impact of current computer architectures, this book explores the algorithmic and implementation aspects of cryptanalysis methods. It can serve as a handbook of algorithmic methods for cryptographers as well as a textbook for undergraduate and graduate courses on cryptanalysis and cryptography.

*BACKGROUND*

**A Bird’s-Eye View of Modern Cryptography**

Preliminaries

Defining security in cryptography

**Elementary Number Theory and Algebra Background**

Integers and rational numbers

Greatest common divisors in Z

Modular arithmetic

Univariate polynomials and rational fractions

Finite fields

Vector spaces and linear maps

The RSA and Diffie–Hellman cryptosystems

*ALGORITHMS*

**Linear Algebra**

Introductory example: multiplication of small matrices over F_{2}

Dense matrix multiplication

Gaussian elimination algorithms

Sparse linear algebra

**Sieve Algorithms**

Introductory example: Eratosthenes’s sieve

Sieving for smooth composites

**Brute Force Cryptanalysis**

Introductory example: dictionary attacks

Brute force and the DES algorithm

Brute force as a security mechanism

Brute force steps in advanced cryptanalysis

Brute force and parallel computers

**The Birthday Paradox: Sorting or Not?**

Introductory example: birthday attacks on modes of operation

Analysis of birthday paradox bounds

Finding collisions

Application to discrete logarithms in generic groups

**Birthday-Based Algorithms for Functions**

Algorithmic aspects

Analysis of random functions

Number theoretic applications

A direct cryptographic application in the context of blockwise security

Collisions in hash functions

Hellman’s time memory tradeoff

**Birthday Attacks through Quadrisection**

Introductory example: subset sum problems

General setting for reduced memory birthday attacks

Extensions of the technique

Some direct applications

**Fourier and Hadamard–Walsh Transforms**

Introductory example: studying S-boxes

Algebraic normal forms of boolean functions

Goldreich–Levin theorem

Generalization of the Walsh transform to F_{p}

Fast Fourier transforms

**Lattice Reduction**

Definitions

Introductory example: Gauss reduction

Higher dimensions

Shortest vectors and improved lattice reduction

Dual and orthogonal lattices

**Polynomial Systems and Gröbner Bases Computations**

General framework

Bivariate systems of equations

Definitions: multivariate ideals, monomial orderings, and Gröbner bases

Buchberger algorithm

Macaulay’s matrices

Faugère’s algorithms

Algebraic attacks on multivariate cryptography

On the complexity of Gröbner bases computation

*APPLICATIONS*

**Attacks on Stream Ciphers**

LFSR-based keystream generators

Correlation attacks

Algebraic attacks

Extension to some nonlinear shift registers

The cube attack

Time memory data tradeoffs

**Lattice-Based Cryptanalysis**

Direct attacks using lattice reduction

Coppersmith’s small roots attacks

**Elliptic Curves and Pairings**

Introduction to elliptic curves

The Weil pairing

The elliptic curve factoring method

**Index Calculus Algorithms**

Introduction to index calculus

A simple finite field example

Generalization to finite fields with small enough characteristics

Introduction to the number field sieve

Smoothness probabilities

**References**

**Antoine Joux** is associate professor at Université de Versailles Saint-Quentin-en-Yvelines.

… this book is a must-read/must-have-in-your-shelf for anybody seriously involved in the field of cryptography if only to give an overview of the range of techniques that can be applied to break cryptographic schemes and the cryptographic hurdles that one needs to get over to design secure systems. Parts of the book can also easily be used as the basis for a cryptography course since every chapter contains exercises (hints and solutions to some of them can be found on the author’s website).

I particularly appreciated the focus on the practicality of the provided material: after an overview in plain English, every algorithm is clearly stated in the form of pseudo-code and many of them are also provided in C code. In that way the reader can easily follow the careful complexity analysis to convince himself that it is the algorithm he wants to use and then write an implementation of that algorithm from the book. The practical aspect of the book shines as well through the effort of always presenting the most efficient algorithms for a given task with particular constraints in mind.

To sum it up, this book is a mine of information on cryptanalysis and goes above and beyond to provide the reader with everything he needs to become a better cryptographer.

—Alexandre Anzala-Yamajako, *SIGACT News*, 2012

With a plethora of algorithms available to them, readers will be ready to appreciate a number of their applications. … The book also provides a number of downloadable codes in C. … Suggestions are made on how to use the book to meet a variety of teaching needs — including accommodating readers with a stronger computer science background. The flexibility in this approach to learning is a welcome feature of the book and makes it an attractive option for those who may need to deliver pertinent material to a variety of audiences. Such audiences will be provided with a clear presentation of key aspects of this vital scientific discipline. The clarity of exposition should also serve well those who use this book as a handbook.

—*Contemporary Physics*, Volume 52, Issue 3, 2011

… very nice to see the connection between cryptography and the different algorithms. … A convenient extra of the book are the good references. … **Algorithmic Cryptanalysis** is a high level book that covers many interesting topics. I would recommend this book for graduate students with a strong mathematical background, a cryptographic background, knowledge in C-programming and an interest in implementing cryptanalytic attacks. As mentioned before, the book covers interesting topics when it comes to implementing an attack which I haven't seen in any other book before in this combination. …

—IACR Book Reviews, October 2010

… The aim of the book is to survey work on cryptanalysis (both for symmetric and public key cryptography) and to present background on all major cryptanalytic tools. The author is a leading authority who has made major research contributions in most aspects of the subject. To have such a wide-ranging survey of the area written by someone with such depth of experience will be extremely valuable to students and researchers. … Chapters 3, 4 and 15 give an excellent survey of index calculus algorithms for the discrete logarithm problem in finite fields … the book will certainly be useful to postgraduates and researchers in cryptography and cryptanalysis.

—*Mathematical Reviews*, Issue 2010h

The book under review presents a complete panoramic of the different methods and techniques used in modern cryptanalysis … emphasis is in the algorithms, in fact one of the main attractions of the book is the great quantity of algorithms that it presents: some described in pseudocode (listed as algorithms) and others as programs in C language (listed as programs). Additional C implementations can be downloaded from the website www.joux.biz/algcrypt …

—*Zentralblatt MATH* 1172

… This book takes an algorithmic approach to the topic and covers a number of algorithms that might be used in the cryptanalysis of different systems. … There is quite a bit of interesting material in the book … The material is very well presented most of the time … This book could be a very good introduction to cryptanalysis for graduate students who have already been introduced to cryptography and have a fair amount of mathematical background. The book could be used in an advanced undergraduate course as well … It would also be quite an interesting read for those studying algorithms, as some of the algorithms presented are quite intriguing …

—Jeffrey Putnam, *Computing Reviews*, May 2010

This is a work suitable for first-year graduate students or advanced undergraduates. … the addition of the online materials makes this book usable by independent readers or industry algorithm implementers in need of a reference work. … Combining practical algorithms and supported by explanation of the relevant theory, this is a good introduction to cryptanalysis that improves on that good recipe by including key details on current computer architecture. This makes this work succeed as both handbook and textbook.

—Tom Schulte, *MAA Reviews*, April 2010