How does the meet in middle attack work on Double DES?

Information SecuritySafe & SecurityData Structure

The Double DES uses two example of DES cipher for encryption and two units of reverse DES cipher for decryption. Each unit of DES cipher needs multiple key for encryption which enhance the size of the key (112 bit) creating it more secure. But in the double DES can be destroyed by known plaintext attack known as meet-in-themiddle attack.

Given a plaintext P and two encryption keys K1 and K2, ciphertext C is produced as C = Ek2(Ek1, (m)) decryption needed that the keys be used in reverse order −

P = Dk1(Dk2, (C))

A Meet-in-the-Middle (MitM) Attack is a type of cryptanalytic attack where the attacker need some type of space or time tradeoff to support the attack. MITM attempt can decrease the amount of difficulty needed to perform the assault in its original state.

Merkle and Hellman introduced the terms of meet-in-the-middle attack. This attack contains encryption from one end and decryption from another and connecting the result in the middle, therefore is the name meet-in-the-middle.

MITM can create the form of dividing the target connection into two so that each element can be addressed independently. It can mean changing an attack requiring X amount of time into one requiring Y time and Z space. The goal is to significantly decrease the effort required to implement a brute-force attack.

Meet-in-the-Middle adversaries try to reconcile the difficulty contained in a high cryptanalytic attack by meeting in the middle, or halving the area of what they are analyzing to create the effort applicable or reasonable in their view.

The objective of an attack is to steal personal information, including login credentials, account details and credit card numbers. Targets are frequently the users of monetary applications, SaaS businesses, e-commerce sites and other websites where logging in is needed.

Information acquired during an attack can be used for several goals, such as identity theft, unapproved fund transfers or an illicit password change.

There are two keys including K1 and K2 are used for encrypt plaintext P into ciphertext C and the similar K1 and K2 are used for decryption. The intermediate text produced by first encryption and of first decryption, M should be the similar i.e., the two relationship must hold.

Cosnider a cryptanalyst have a previous pair of P and C then it can use all possible values (256) of K1 and record all values of M. Similarly for all values of K2 access all M and thus compare these M’s of K1 and K2 and discover a pair of K1 and K2 for which M is same.

If only one such pair occur then K1 and K2 are the desired keys. If more than one pair exists for which K1 and K2 are equal, another intercepted plaintext/ciphertext pair is utilized.

Updated on 15-Mar-2022 09:37:59