Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
On the Complexity of Matsui's Attack
SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
Linear Cryptanalysis Using Multiple Approximations
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Practically Secure Feistel Cyphers
Fast Software Encryption, Cambridge Security Workshop
The Wide Trail Design Strategy
Proceedings of the 8th IMA International Conference on Cryptography and Coding
Improved and Multiple Linear Cryptanalysis of Reduced Round Serpent
Information Security and Cryptology
Improving the time complexity of Matsui's linear cryptanalysis
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Breaking ciphers with COPACOBANA –a cost-optimized parallel code breaker
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
The Independence of Linear Approximations in Symmetric Cryptanalysis
IEEE Transactions on Information Theory
Multidimensional Linear Cryptanalysis of Reduced Round Serpent
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
A Differential-Linear Attack on 12-Round Serpent
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
A New Technique for Multidimensional Linear Cryptanalysis with Applications on Reduced Round Serpent
Information Security and Cryptology --- ICISC 2008
On Linear Cryptanalysis with Many Linear Approximations
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
Multi-trail statistical saturation attacks
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
On multidimensional linear cryptanalysis
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
On unbiased linear approximations
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Dependent linear approximations: the algorithm of biryukov and others revisited
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
| Hi-index | 0.00 |
In 2004, Biryukov et al.presented a new theoretical framework for the linear cryptanalysis of block ciphers using multiple approximations. Although they provided first experimental results to confirm the relevance of their approach, a scope for further research was to apply this framework to other ciphers. In this paper, we present various attacks against reduced-round versions of the AES candidate Serpent. Our results illustrate that the hypotheses of Crypto 2004 hold (at least) as long as the number of approximations exploited in the linear attack are computationally tractable. But they also underline the limits and specificities of Matsui's algorithms1 and 2 for the exploitation of such approximations. In particular, they show that the optimal application of algorithm 2requires good theoretical estimations of the approximation biases, which may be a problem when the linear hull effect is non-negligible. These results finally confirm the significant reductions of the attacks data complexity that can be obtained from multiple linear approximations.