A generalization of linear cryptanalysis and the applicability of Matsui's piling-up lemma

Authors:
Carlo Harpes;Gerhard G. Kramer;James L. Massey
Affiliations:
Swiss Federal Institute of Technology, Signal and Info. Proc. Lab., Zürich;Swiss Federal Institute of Technology, Signal and Info. Proc. Lab., Zürich;Swiss Federal Institute of Technology, Signal and Info. Proc. Lab., Zürich
Venue:
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Year:
1995

Citing 4
Cited 27

Linear cryptanalysis method for DES cipher

EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The First Experimental Cryptanalysis of the Data Encryption Standard

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Differential-Linear Cryptanalysis

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm

Fast Software Encryption, Cambridge Security Workshop

Constructing Symmetric Ciphers Using the CAST Design Procedure

Designs, Codes and Cryptography - Special issue: selected areas in cryptography I
Improving the Upper Bound on the Maximum Average Linear Hull Probability for Rijndael

SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
On the Complexity of Matsui's Attack

SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
A Key-schedule Weakness in SAFER K-64

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
New Method for Upper Bounding the Maximum Average Linear Hull Probability for SPNs

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Improved Truncated Differential Attacks on SAFER

ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Contemporary Block Ciphers

Lectures on Data Security, Modern Cryptology in Theory and Practice, Summer School, Aarhus, Denmark, July 1998
A Revised Version of Crypton - Crypton V1.0

FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Mod n Cryptanalysis, with Applications Against RC5P and M6

FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Linear Cryptanalysis of Reduced-Round Versions of the SAFER Block Cipher Family

FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Multiplicative Differentials

FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
On quadratic approximations in block ciphers

Problems of Information Transmission
Provable security of block ciphers against linear cryptanalysis: a mission impossible?

Designs, Codes and Cryptography
A Statistical Saturation Attack against the Block Cipher PRESENT

CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
A new impossible differential attack on SAFER ciphers

Computers and Electrical Engineering
Computing the biases of parity-check relations

ISIT'09 Proceedings of the 2009 IEEE international conference on Symposium on Information Theory - Volume 1
Non-linear approximations in linear cryptanalysis

EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Non-linear cryptanalysis revisited: heuristic search for approximations to S-boxes

Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Linear cryptanalysis of non binary ciphers

SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
Upper estimates of imbalance of bilinear approximations for round functions of block ciphers

Cybernetics and Systems Analysis
Multi-trail statistical saturation attacks

ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Accurate estimates of the data complexity and success probability for various cryptanalyses

Designs, Codes and Cryptography
Multiple differential cryptanalysis: theory and practice

FSE'11 Proceedings of the 18th international conference on Fast software encryption
General principles of algebraic attacks and new design criteria for cipher components

AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
The inverse s-box, non-linear polynomial relations and cryptanalysis of block ciphers

AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
Linear fault analysis of block ciphers

ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Large-scale high-resolution computational validation of novel complexity models in linear cryptanalysis

Journal of Computational and Applied Mathematics

Quantified Score

Hi-index	0.00

Visualization

Abstract

Matsui's linear cryptanalysis for iterated block ciphers is generalized by replacing his linear expressions with I/O sums. For a single round, an I/O sum is the XOR of a balanced binary-valued function of the round input and a balanced binary-valued function of the round output. The basic attack is described and conditions for it to be successful are given. A procedure for finding effective I/O sums, i.e., I/O sums yielding successful attacks, is given. A cipher contrived to be secure against linear cryptanalysis but vulnerable to this generalization of linear cryptanalysis is given. Finally, it is argued that the ciphers IDEA and SAFER K-64 are secure against this generalization.