Related-Key Cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA
ICICS '97 Proceedings, Springer-Verlag, November 1997, pp. 233-246.
ABSTRACT: We present new related-key attacks on the block ciphers 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA. Differential related-key attacks allow both keys and plaintexts to be chosen with specific differences. Our attacks build on the original work, showing how to adapt the general attack to deal with the difficulties of the individual algorithms. We also give specific design principles to protect against these attacks.
[full text – postscript] [full text – PDF (Acrobat)]
Note: Plagiarism Incident
A paper published in the December 2004 issue of the SIGCSE Bulletin, “Cryptanalysis of some encryption/cipher schemes using related key attack,” by Khawaja Amer Hayat, Umar Waqar Anis, and S. Tauseef Ur Rehman, is the same as this paper, which John Kelsey, David Wagner, and I published in 1997.
It’s clearly plagiarism. Sentences have been reworded or summarized a bit and many typos have been introduced, but otherwise it’s the same paper. It’s copied, with the same section, paragraph, and sentence structure—right down to the same mathematical variable names. It has the same quirks in the way references are cited. And so on.
We wrote two papers on the topic; this is the second. They don’t list either of our papers in their bibliography. They do have a lurking reference to “[KSW96]” (the first of our two papers) in the body of their introduction and design principles, presumably copied from our text; but a full citation for “[KSW96]” isn’t in their bibliography. Perhaps they were worried that one of the referees would read the papers listed in their bibliography, and notice the plagiarism.
The three authors are from the International Islamic University in Islamabad, Pakistan. The third author, S. Tauseef-Ur-Rehman, is Department head (and faculty member) in the Telecommunications Engineering Department at this Pakistani institution. If you believe his story—which is probably correct—he had nothing to do with the research, but just appended his name to a paper by two of his students. (This is not unusual, and happens all the time in Universities all over the world.) But that doesn’t get him off the hook, either. He’s still responsible for anything he puts his name on.
And we’re not the only ones. The same three authors plagiarized this paper by French cryptographer Serge Vaudenay and others.
I wrote to the editor of the SIGCSE Bulletin, who removed the paper from their website and demanded official letters of admission and apology. They said that they would ban them from submitting again, but have since backpedaled. Mark Mandelbaum, Director of the Office of Publications at ACM, now says that ACM has no policy on plagiarism and that nothing additional will be done.
I don’t blame the journals for letting these papers through. I’ve refereed papers, and it’s pretty much impossible to verify that a piece of research is original. We’re largely self-policing.
Mostly, the system works. These three have been found out, and should be fired and/or expelled. Certainly ACM should ban them from submitting anything, and I am very surprised at their claim that they have no policy with regards to plagiarism. Academic plagiarism is serious enough to warrant that level of response. I don’t know if the system works in Pakistan, though. I hope it does. These people knew the risks when they did it. And then they did it again.
If I sound angry, I’m not. I’m more amused. I’ve heard of researchers from developing countries resorting to plagiarism to pad their CVs, but I’m surprised see it happen to me. I mean, really; if they were going to do this, wouldn’t it have been smarter to pick a more obscure author?
And it’s nice to know that our work is still considered relevant eight years later.
Update: another paper, “Analysis of Real-time Transport Protocol Security” by Junaid Aslam, Saad Rafique and S. Tauseef-ur-Rehman, has been plagiarized from this original: “Real-time Transport Protocol (RTP) security” by Ville Hallivuori.
The apologies:
From: “Dr.S.Tauseef Ur Rehman” <tauseef
iiu.edu.pk>
Subject: RE: Claim of Plagiarism
Date: Fri, 22 Jul 2005 10:17:44 +0500
Dear All!
Hi,
First of all I am really sorry for the sad incidence. I fully agree that plagiarism is indeed an acute problem. The said paper was prepared by the student but I should have been more careful. I regret the omission on my part and offer my sincere apologies. Furthermore, I assure all of you that I will be more careful in future so as not to repeat the incidence.
Regards
From: “Dr.S.Tauseef Ur Rehman” <tauseef
Subject: RE: Plagairism
Date: Fri, 22 Jul 2005 20:28:27 +0500
Dear Mr. Bruce Schneier!
Hi,
I have written to the people concerned in this case and offer my sincere apologies. I have contacted the co-authors. These were the students that were working with me and as a supervisor I failed to properly check the validity of the paper. Already I have sent an email to apologize to all concerned and as such I regret the omission on my part.
The students have also sent an email to you and all concerned regarding this. I am at a loss of words to explain my feelings right now, but one thing is for sure, I sincerely regret the error.
In the end I have no way to justify this, but I am once again asking for forgiveness from your side.
That’s the whole episode and I wish that this would not happen in the first place. Please accept my apologies again and if possible tell me what I should do?
Regards
From: Umar Waqar Anis <umarwaqaranis
Subject: Regrets—Claim of Plagiarism
Date: Fri, 22 Jul 2005 07:56:44 -0700 (PDT)
Respected all,
In the first place, please accept our heart felt and sincere apologies for this misconduct. The whole episode occurred because of temptations in a weak moment where we crossed the line.
Please accept our apologies and we give you our word of honor that such an inhumane act will never be done from our side. We apologize to ACM, Mr. John Kelsey, Mr. Bruce Schneier, Mr. David Wagner, Our Supervisor Dr. S.Tauseef Ur Rehman and the publisher of the original text; i.e.; Springer Verlag. We give our austere commitment that such an incidence will not be repeated.
We once again regret the sad incidence and fault on our part.
From: “AMER HAYAT” <amerhayat2
Subject: Regrets—Claim of Plagiarism
Date: Fri, 22 Jul 2005 16:37:09 +0000
Respected all,
In the first place, please accept our heart felt and sincere apologies for this misconduct. The whole episode occurred because of temptations in a weak moment where we crossed the line.
Please accept our apologies and we give you our word of honor that such an inhumane act will never be done from our side. We apologize to ACM, Mr. John Kelsey, Mr. Bruce Schneier, Mr. David Wagner, Our Supervisor Dr. S.Tauseef Ur Rehman and the publisher of the original text; i.e.; Springer Verlag. We give our austere commitment that such an incidence will not be repeated.
We once again regret the sad incidence and fault on our part.
Please please sir please forgive us. we are ashamed of our selves and we have ruined our careeres. Please Forgive us.
Regards
Khawaja Amer Hayat & Umar Waqar Anis
Categories: Algorithm Analyses