The Design of Rijndael
The First Experimental Cryptanalysis of the Data Encryption Standard
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Practically Secure Feistel Cyphers
Fast Software Encryption, Cambridge Security Workshop
New Structure of Block Ciphers with Provable Security against Differential and Linear Cryptanalysis
Proceedings of the Third International Workshop on Fast Software Encryption
A generalization of linear cryptanalysis and the applicability of Matsui's piling-up lemma
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
On the optimality of linear, differential, and sequential distinguishers
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Hi-index | 0.00 |
In this paper, we are concerned with the security of block ciphers against linear cryptanalysis and discuss the distance between the so-called practical security approach and the actual theoretical security provided by a given cipher. For this purpose, we present a number of illustrative experiments performed against small (i.e. computationally tractable) ciphers. We compare the linear probability of the best linear characteristic and the actual best linear probability (averaged over all keys). We also test the key equivalence hypothesis. Our experiments illustrate both that provable security against linear cryptanalysis is not achieved by present design strategies and the relevance of the practical security approach. Finally, we discuss the (im)possibility to derive actual design criteria from the intuitions underlined in these experiments.