Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The Design of Rijndael
Differential Cryptanalysis of DES-like Cryptosystems
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Impossible Differential Cryptanalysis of CLEFIA
Fast Software Encryption
New Impossible Differential Attacks on AES
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Impossible Boomerang Attack for Block Cipher Structures
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
On unbiased linear approximations
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
The 128-bit blockcipher CLEFIA
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Zero correlation linear cryptanalysis with reduced data complexity
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Information Processing Letters
Hi-index | 0.00 |
Linear cryptanalysis, along with differential cryptanalysis, is an important tool to evaluate the security of block ciphers. This work introduces a novel extension of linear cryptanalysis: zero-correlation linear cryptanalysis, a technique applicable to many block cipher constructions. It is based on linear approximations with a correlation value of exactly zero. For a permutation on n bits, an algorithm of complexity 2n-1 is proposed for the exact evaluation of correlation. Non-trivial zero-correlation linear approximations are demonstrated for various block cipher structures including AES, balanced Feistel networks, Skipjack, CLEFIA, and CAST256. As an example, using the zero-correlation linear cryptanalysis, a key-recovery attack is shown on 6 rounds of AES-192 and AES-256 as well as 13 rounds of CLEFIA-256.