Studying cryptanalysis is difficult because there is no standard textbook, and no way of knowing which cryptanalytic problems are suitable for different levels of students. This paper attempts to organize the existing literature of block-cipher cryptanalysis in a way that students can use to learn cryptanalytic techniques and ways to break new algorithms.

Extensions of linear cryptanalysis making use of multiple approximations such as multidimensional linear cryptanalysis are an important tool in symmetric-key cryptanalysis, among others being responsible for the best known attacks on ciphers such as Serpent and present. At CRYPTO 2015, Huang et al. provided a refined analysis of the key-dependent capacity leading to a refined key equivalence hy...

This paper presents an approach for the comparative cryptanalysis of Simple Data Encryption Standard (S-DES) using Tabu Search and Simulated Annealing methods. In this paper, cipher text only attack is adopted and varieties of optimum keys are generated based on the cost function values. The goal of this paper is three fold. First we want to make a study about how evolutionary computation techn...

—In recent two years, zero correlation linear cryptanalysis has shown its great potential in cryptanalysis and it has proven to be effective against massive ciphers. LEA is a block cipher proposed by Deukjo Hong, who is the designer of an ISO standard block cipher HIGHT. This paper evaluates the security level on LEA family ciphers against zero correlation linear cryptanalysis. Firstly, we ide...

Differential and linear cryptanalysis are two of the most powerful techniques to analyze symmetric-key primitives. For modern ciphers, resistance against these attacks is therefore a mandatory design criterion. In this paper, we propose a novel technique to prove security bounds against both differential and linear cryptanalysis. We use mixedinteger linear programming (MILP), a method that is f...

This paper reports the strength of a pseudorandom number generator MUGI, which was published as a stream cipher by Hitachi, Ltd. in 2001, against linear cryptanalysis. MUGI is one of the recommended ciphers of CRYPTREC, which is a project for the e-Government in Japan. It has two internal states called state and buffer, which are updated by a linear function λ and a non-linear function ρ. The n...

We explain the theoretical background of the wide trail design strategy, which was used to design Rijndael, the Advanced Encryption Standard (AES). In order to facilitate the discussion, we introduce our own notation to describe differential and linear cryptanalysis. We present a block cipher structure and prove bounds on the resistance against differential and linear cryptanalysis.

Impossible differential cryptanalysis is one of the cryptanalysis methods that are applicable to the new Advanced Encryption Standard (AES). In this paper, we present an introduction to the method by applying it on Mini-AES, the mini version of the AES published in Cryptologia recently.

Building on the work of Kocher [Koc96], we introduce the notion of side-channel cryptanalysis: cryptanalysis using implementation data. We discuss the notion of side-channel attacks and the vulnerabilities they introduce, demonstrate side-channel attacks against three product ciphers—timing attack against IDEA, processor-flag attack against RC5, and Hamming weight attack against DES—and then ge...

An investigation is made into applying SAT solving techniques to the cryptanalysis of the AES block cipher. AES was intended to be translated into a generalised set of clauses and then a boolean CNF obtained through analysis of the components of the cipher, hopefully resulting in novel insight into the construction of AES and further cryptanalysis.