A New Technique for Multidimensional Linear Cryptanalysis with Applications on Reduced Round Serpent
نویسندگان
چکیده
In this paper, we present a new technique for Matsui’s algorithm 2 using multidimensional linear approximation. We show that the data complexity of the attack can be reduced significantly by our method even when the linear hull effect is present. We apply our method to the key recovery attack on 5-round Serpent and demonstrate that our attack is superior to previous attacks. We present evidence that it is theoretically possible to reduce the data complexity of the linear attack against 10 round Serpent by factor of 2 when multiple approximations are used.
منابع مشابه
Multidimensional Linear Cryptanalysis of Reduced Round Serpent
Various authors have previously presented di erent approaches how to exploit multiple linear approximations to enhance linear cryptanalysis. In this paper we present a new truly multidimensional approach to generalise Matsui’s Algorithm 1. We derive the statistical framework for it and show how to calculate multidimensional probability distributions based on correlations of onedimensional linea...
متن کاملFiltered Nonlinear Cryptanalysis of Reduced-Round Serpent, and the Wrong-Key Randomization Hypothesis
We present a deterministic algorithm to find nonlinear S-box approximations, and a new nonlinear cryptanalytic technique; the “filtered” nonlinear attack, which achieves the lowest data complexity of any known-plaintext attack on reduced-round Serpent so far. We demonstrate that the Wrong-Key Randomization Hypothesis is not entirely valid for attacks on reduced-round Serpent which rely on linea...
متن کاملImproving the Algorithm 2 in Multidimensional Linear Cryptanalysis
In FSE’09 Hermelin et al. introduced the Algorithm 2 of multidimensional linear cryptanalysis. If this algorithm is m-dimensional and reveals l bits of the last round key with N plaintext-ciphertext pairs, then its time complexity is O(mN2l). In this paper, we show that by applying the Fast Fourier Transform and Fast Walsh Hadamard Transform to the Algorithm 2 of multidimensional linear cryptan...
متن کاملDifferential-Linear Cryptanalysis of Serpent
Serpent is a 128-bit SP-Network block cipher consisting of 32 rounds with variable key length (up to 256 bits long). It was selected as one of the 5 AES finalists. The best known attack so far is a linear attack on an 11-round reduced variant. In this paper we apply the enhanced differential-linear cryptanalysis to Serpent. The resulting attack is the best known attack on 11-round Serpent. It r...
متن کاملImproved and Multiple Linear Cryptanalysis of Reduced Round Serpent
This paper reports on the improved and multiple linear cryptanalysis of reduced round Serpent by mean of a branch-and-bound characteristic search within the algorithm. We first present a 9-round linear characteristic with probability 1 2 + 2−50 that involves a reduction of the estimated data complexity of the best reported attack by a factor of 16. Then, we investigate the possibility to take a...
متن کامل