An improvement of linearization-based algebraic attacks

  • Authors: Satrajit Ghosh; Abhijit Das

  • Affiliations: Department of Computer Science and Engineering, Indian Institute of Technology Kharagpur, India; Department of Computer Science and Engineering, Indian Institute of Technology Kharagpur, India

  • Venue: InfoSecHiComNet'11 Proceedings of the First international conference on Security aspects in information technology

  • Year: 2011

Abstract

In an algebraic attack on a cipher, one expresses the encryption function as a system (usually overdefined) of multivariate polynomial equations in the bits of the plaintext, the ciphertext and the key, and subsequently solves the system for the unknown key bits from the knowledge of one or more plaintext/ciphertext pairs. The standard eXtended Linearization algorithm (XL) expands the initial system of equations by monomial multiplications. The expanded system is treated as a linear system in the monomials. For most block ciphers (like the Advanced Encryption Standard (AES)), the size of the linearized system turns out to be very large, and consequently, the complexity to solve the system often exceeds the complexity of brute-force search. In this paper, we propose a heuristic strategy XL SGE to reduce the number of linearized equations. This reduction is achieved by applying structured Gaussian elimination before each stage of monomial multiplication. Experimentation on small random systems indicates that XL SGE has the potential to improve the performance of the XL algorithm in terms of the size of the final solvable system. This performance gain is exhibited by our heuristic also in the case of a toy version of AES.
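The plain XL procedure summarized in the abstract (monomial multiplication, then solving the result as a linear system in the monomials) can be seen on a toy system. This is an added example, not code from the paper, and it does not implement the XL SGE heuristic; the three quadratic equations over GF(2), the function names and the stopping rule are assumptions made for illustration.

```python
from itertools import combinations
ONE = frozenset()  # constant monomial 1; a monomial is a frozenset of variable indices

def times(poly, mono):
    """Multiply a GF(2) polynomial (set of monomials) by a monomial, with x^2 = x."""
    out = set()
    for m in poly:
        out ^= {m | mono}          # equal monomials cancel mod 2
    return out

def xl_expand(eqs, n, D):
    """XL step: each equation of degree d times every monomial of degree <= D - d."""
    return [times(f, frozenset(vs))
            for f in eqs
            for k in range(D - max(len(m) for m in f) + 1)
            for vs in combinations(range(n), k)]

def linearize(polys):
    """Treat every monomial as an independent unknown; each row is a GF(2) bitmask."""
    monos = sorted({m for p in polys for m in p} | {ONE},
                   key=lambda m: (-len(m), sorted(m)))  # high degree first, constant last
    bit = {m: len(monos) - 1 - j for j, m in enumerate(monos)}
    return [sum(1 << bit[m] for m in p) for p in polys], bit

def rref(rows):
    """Gauss-Jordan elimination over GF(2); returns {pivot bit: reduced row}."""
    basis = {}
    for r in rows:
        for top, b in basis.items():
            if (r >> top) & 1:
                r ^= b
        if r:
            top = r.bit_length() - 1
            for t in basis:
                if (basis[t] >> top) & 1:
                    basis[t] ^= r
            basis[top] = r
    return basis

def xl_solve(eqs, n):
    """Raise D until the linear system fixes every variable (assumes a consistent system)."""
    for D in range(2, n + 3):
        rows, bit = linearize(xl_expand(eqs, n, D))
        basis = rref(rows)
        xbits = [bit.get(frozenset([i])) for i in range(n)]
        if all(b in basis and (basis[b] | 1) == ((1 << b) | 1) for b in xbits):
            return D, [basis[b] & 1 for b in xbits]   # row "x_i + c = 0" gives x_i = c

# Constructed toy system: x0*x1 + x2 + 1, x0*x2 + x1 + 1, x1*x2 + x1 + x0 + 1 (all = 0).
EQS = [{frozenset(m) for m in f} for f in
       ([(0, 1), (2,), ()], [(0, 2), (1,), ()], [(1, 2), (1,), (0,), ()])]
```

At D = 2 the three equations have rank 3 against 6 non-constant monomials, so linearization alone is underdetermined; at D = 3 the 12 expanded equations reach rank 7 over 7 non-constant monomials and the system becomes solvable. The growth in rows and monomials with D is the cost that the paper's heuristic aims to reduce.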