Linear cryptanalysis and security tradeoff of block ciphering systems with channel errors
NSS'12 Proceedings of the 6th international conference on Network and System Security
| Hi-index | 754.84 |
The problem of enciphering a stationary finite discrete message so that a cryptanalyst is unlikely to decrypt an intercepted cryptogram is considered. Additive-like instantaneous block (ALIB) encipherers are studied that employ a list ofe^{nr}keywords of lengthn, called the cipher. An ALIB encipherer produces a cryptogram word of lengthnfrom a message word and a key word of the same length by combining corresponding message letters and key-word letters. Certain technical restrictions sure placed on the combining function. The decipherer uses a decoder which combines a letter from the key word used in enciphering with a letter from the cryptogram to form a letter of the decoded message. cryptanalyst also decodes letter by letter with an identical decoder; however, he uses a keyword that is not necessarily that used in enciphering. For a given message source and combiner, the design of the cipher consists in choosing the block lengthn, the key rater, and the set ofe^{nr}key words. These are to be chosen so thatp_{w}, the probability of correct decryptment of the message word, andp( Delta), the probability that the per letter nonzero Hamming distance between the decrypted message and the true message is smaller thanDelta, are very small for every cryptanalyst. A set of pairs( Delta,r)for which there exist ciphers with key ratersuch that,p_{w}andp( Delta)can be made arbitrarily small for every cryptanalyst is determined using the concepts of random ciphering and exponential bounding.