Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Mersenne twister: a 623-dimensionally equidistributed uniform pseudo-random number generator
ACM Transactions on Modeling and Computer Simulation (TOMACS) - Special issue on uniform random number generation
Linear Cryptanalysis Using Multiple Approximations
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Elements of Information Theory (Wiley Series in Telecommunications and Signal Processing)
Elements of Information Theory (Wiley Series in Telecommunications and Signal Processing)
Computation of the Fast Walsh-Fourier Transform
IEEE Transactions on Computers
Cryptanalysis of an E0-like Combiner with Memory
Journal of Cryptology
Crossword puzzle attack on NLS
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Fast computation of large distributions and its cryptographic applications
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
INDOCRYPT'05 Proceedings of the 6th international conference on Cryptology in India
A practical distinguisher for the Shannon cipher
Journal of Systems and Software
Hi-index | 0.00 |
In this article, we present a linear distinguishing attack on the stream cipher Shannon. Our distinguisher can distinguish the output keystream of Shannon from about 2107 keystream words while using an array of 232 counters. The distinguisher makes use of a multidimensional linear transformation instead of a 1D transformation, which is traditionally used in linear distinguishing attacks. This gives a clear improvement to the keystream requirement: we need approximately 25 times less keystream than when a 1D transformation is used. In addition, we give evidence of the correctness of the distinguisher by applying it to a smaller version of Shannon.