Differential cryptanalysis of the data encryption standard
Differential cryptanalysis of the data encryption standard
Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The First Experimental Cryptanalysis of the Data Encryption Standard
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Linear (Hull) and Algebraic Cryptanalysis of the Block Cipher PRESENT
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Differential cryptanalysis of reduced-round PRESENT
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
On the success probability of χ2-attack on RC6
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Related-Key attacks on reduced rounds of SHACAL-2
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
Practical attack on the full MMB block cipher
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Combined fault and side-channel attack on protected implementations of AES
CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Linear cryptanalysis of reduced-round ICEBERG
ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
Differential cryptanalysis of reduced-round ICEBERG
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
A model for structure attacks, with applications to PRESENT and serpent
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Hi-index | 0.00 |
Despite their widespread usage in block cipher analysis, the success probability estimation of differential and linear cryptanalytic attacks has traditionally been carried out in a rather ad hoc fashion. In this paper, we present an analytical calculation of the success probability of these attacks. Besides providing a sound formulation of the success probabilities, the analysis reveals some previously unnoticed factors affecting the success of an attack, such as the attacked key length in differential cryptanalysis. The results apply to an extended sense of the term "success" where the correct key is found not necessarily as the highest-ranking candidate but within a set of highest-ranking candidates.