How Biased Are Linear Biases
Abstract
In this paper we revisit Matsui's linear cryptanalysis. The linear attack on full-round DES was the first attack to be verified experimentally. Matsui extended one-round linear approximations to a linear mask of plaintext-ciphertext pairs by means of his piling-up lemma. The assumption of the lemma, the independence of the random variables in the round approximations, is hopefully fulfilled for full-round DES, so the experiment was successful. However, there exist some ciphers whose linear approximations may have completely different biases from those calculated by the piling-up lemma. We work out a case study where the biases of the linear approximations cannot be calculated through the lemma. We derive the theoretical framework that leads us to compute the overall bias. We verify the theoretical results by performing some experiments on a toy cipher. For the verification, we mount a linear attack on the cipher and construct two linear approximations having the same plaintext-ciphertext masks. We show that the biases of the approximations are different from what the piling-up lemma asserts.
Keywords: block cipher, linear cryptanalysis, nonlinearity, DES, linear hull, linear approximation