Cube Attack is a successful case of Algebraic Attack. Cube Attack consists of two phases, linear equation extraction and solving the extracted equation system. Due to the high complexity of equation extraction phase in finding linear equations, we can extract nonlinear ones that could be approximated to linear equations with high probability. The probabilistic equations could be considered as l...

One of Kaliski and Robshaw’s algorithms, which is used for the linear attack on block ciphers with multiple linear approximations and introduced as Algorithm 2M in this paper, looks efficient but lacks any theoretical and mathematical description. It means there exists no way to estimate the data complexity required for the attack by the algorithm except experiments of the reduced variants. In ...

This letter studies the attack detection problem in a data-driven and model-free setting, for deterministic systems with linear time-invariant dynamics. Differently from existing that leverage knowledge of system dynamics to derive security bounds monitoring schemes, we treat cases where dynamics, as well strategy location, are unknown. We fundamental limitations function only observed data wit...

Interpolation attack was presented by Jakobsen and Knudsen at FSE’97. Interpolation attack is effective against ciphers that have a certain algebraic structure like the PURE cipher which is a prototype cipher, but it is difficult to apply the attack to real-world ciphers. This difficulty is due to the difficulty of deriving a low degree polynomial relation between ciphertexts and plaintexts. In...

We present a distinguishing attack on NLS which is one of the stream ciphers submitted to the eSTREAM project. We build the distinguisher by using linear approximations of both the non-linear feedback shift register (NFSR) and the nonlinear filter function (NLF). Since the bias of the distinguisher depends on the Konst value, which is a key-dependent word, we estimate the average bias to be aro...

An AES-like lightweight block cipher, namely Zorro, was proposed in CHES 2013. While it has a 16-byte state, it uses only 4 S-Boxes per round. This weak nonlinearity was widely criticized, insofar as it has been directly exploited in all the attacks on Zorro reported by now, including the weak key, reduced round, and even full round attacks. In this paper, using some properties discovered by Wa...

Differential and linear attacks are the most widely used cryptanalytic tools to evaluate the security of symmetric-key cryptography. Since the introduction of differential and linear attacks in the early 1990’s, various variants of these attacks have been proposed such as the truncated differential attack, the impossible differential attack, the square attack, the boomerang attack, the rectangl...

It is further believed that any practical attacks against HyRal are not possible with respect to the state-of-the-art. That is, we conclude that HyRal might be resistant to some well-known analysis such as differential attack, higher order differential attack, linear attack(including Truncated Linear Attack), interpolation attacks, algebraic attack (including XL attack and XSL attack), related ...