Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Differential-linear cryptanalysis and threshold signatures
Differential-linear cryptanalysis and threshold signatures
Differential Cryptanalysis of DES-like Cryptosystems
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Differential Cryptanalysis of the Full 16-Round DES
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
The First Experimental Cryptanalysis of the Data Encryption Standard
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Differential-Linear Cryptanalysis
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Key-Schedule Cryptoanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Cryptanalysis of Block Ciphers with Overdefined Systems of Equations
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Enhancing Differential-Linear Cryptanalysis
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Serpent: A New Block Cipher Proposal
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
A Chosen-Plaintext Linear Attack on DES
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
On Probability of Success in Linear and Differential Cryptanalysis
Journal of Cryptology
A Differential-Linear Attack on 12-Round Serpent
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Markov ciphers and differential cryptanalysis
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
A new method for known plaintext attack of FEAL cipher
EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
New combined attacks on block ciphers
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Hi-index | 0.00 |
In 1994 Langford and Hellman introduced a combination of differential and linear cryptanalysis under two default independence assumptions, known as differential-linear cryptanalysis, which is based on the use of a differential-linear distinguisher constructed by concatenating a linear approximation with a (truncated) differential with probability 1. In 2002, by using an additional assumption, Biham, Dunkelman and Keller gave an enhanced version that can be applicable to the case when a differential with a probability of smaller than 1 is used to construct a differential-linear distinguisher. In this paper, we present a new methodology for differential-linear cryptanalysis under the original two assumptions implicitly used by Langford and Hellman, without using the additional assumption of Biham et al. The new methodology is more reasonable and more general than Biham et al.'s methodology, and apart from this advantage it can lead to some better differential-linear cryptanalytic results than Biham et al.'s and Langford and Hellman's methodologies. As examples, we apply it to attack 10 rounds of the CTC2 block cipher with a 255-bit block size and key, 13 rounds of the DES block cipher, and 12 rounds of the Serpent block cipher. The new methodology can be used to cryptanalyse other block ciphers, and block cipher designers should pay attention to this new methodology when designing a block cipher.