Linear Cryptanalysis Using Multiple Approximations-Revisited
نویسندگان
چکیده
We present a technique which uses multiple linear approximations in the linear cryptanalysis of a block cipher and allows for a reduction in the amount of data required for a successful attack. Although the method using many linear approximations was already suggested by B. Kaliski and M. Robshaw in 1994, this paper describes an revisited version utilizing a lot of approximations. In this paper, we present a theoretical and experimental complexity analysis of our attack. The experimental results suggest a complexity. The complexity is bounded by 2 known texts on 8-round DES with a success rate of 95%, 2 known texts on 16-round DES with a success rate of 86%, and 2 chosen texts on 16-round DES with a success rate of 86%. We believe that the results in this paper contain the most efficient attack on the DES full round reported so far in the open literature.
منابع مشابه
Non-linear Cryptanalysis Revisited: Heuristic Search for Approximations to S-Boxes
Non-linear cryptanalysis is a natural extension to Matsui’s linear cryptanalitic techniques in which linear approximations are replaced by nonlinear expressions. Non-linear approximations often exhibit greater absolute biases than linear ones, so it would appear that more powerful attacks may be mounted. However, their use presents two main drawbacks. The first is that in the general case no jo...
متن کاملNew Results in the Linear Cryptanalysis of DES
Two open problems on using Matsui’s Algorithm 2 with multiple linear approximations posed earlier by Biryukov, De Cannière and M. Quisquater at Crypto’04 are solved in the present paper. That improves the linear cryptanalysis of 16-round DES reported by Matsui at Crypto’94. keywords: linear cryptanalysis, multiple linear approximations, success probability, MRHS linear equations, gluing algorithm.
متن کاملLinear Cryptanalysis Using Multiple Approximations and FEAL
We describe the results of experiments on the use of multiple approximations in a linear cryptanalytic attack on FEAL; we pay particular attention to FEAL-8. While these attacks on FEAL are interesting in their own right, many important and intriguing issues in the use of multiple approximations are brought to light.
متن کاملLinear Attack Using Multiple Linear Approximations
One of Kaliski and Robshaw’s algorithms, which is used for the linear attack on block ciphers with multiple linear approximations and introduced as Algorithm 2M in this paper, looks efficient but lacks any theoretical and mathematical description. It means there exists no way to estimate the data complexity required for the attack by the algorithm except experiments of the reduced variants. In ...
متن کاملMultivariate Profiling of Hulls for Linear Cryptanalysis
Extensions of linear cryptanalysis making use of multiple approximations, such as multiple and multidimensional linear cryptanalysis, are an important tool in symmetric-key cryptanalysis, among others being responsible for the best known attacks on ciphers such as Serpent and present. At CRYPTO 2015, Huang et al. provided a refined analysis of the key-dependent capacity leading to a refined key...
متن کامل