Synthetic Linear Analysis: Improved Attacks on CubeHash and Rabbit

It has been considered most important and difficult to analyze the bias and find a large bias regarding the security of cryptosystems, since the invention of linear cryptanalysis. The demonstration of a large bias will usually imply that the target crypto-system is not strong. Regarding the bias analysis, researchers often focus on a theoretical solution for a specific problem. In this paper, we take a first step towards the synthetic approach on bias analysis. We successfully apply our synthetic analysis to improve the most recent linear attacks on CubeHash and Rabbit respectively. CubeHash was selected to the second round of SHA-3 competition. For CubeHash, the best linear attack on 11-round CubeHash with 2 queries was proposed previously. We present an improved attack for 11-round CubeHash with complexity 2. Based on our 11-round attack, we give a new linear attack for 12-round CubeHash with complexity 2, which is sharply close to the security parameter 2 of CubeHash. Rabbit is a stream cipher among the finalists of ECRYPT Stream Cipher Project (eSTREAM). For Rabbit, the best linear attack with complexity 2 was recently presented. Our synthetic bias analysis yields the improved attack with complexity 2. Moreover, it seems that our results might be further improved, according to our ongoing computations.