Differential cryptanalysis of the data encryption standard
Differential cryptanalysis of the data encryption standard
Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
An experiment on DES statistical cryptanalysis
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
The First Experimental Cryptanalysis of the Data Encryption Standard
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Linear Cryptanalysis Using Multiple Approximations
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
On Differential and Linear Crytoanalysis of the RC5 Encryption Algorithm
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Improved Differential Attacks on RC5
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
New Results in Linear Cryptanalysis of RC5
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
Known Plaintext Correlation Attack against RC5
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
Cryptanalysis of the Reduced-Round RC6
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
A Chosen Plaintext Linear Attack on Block Cipher CIKS-1
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Linear Cryptanalysis of Reduced-Round Versions of the SAFER Block Cipher Family
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Multiple Linear Cryptanalysis of a Reduced Round RC6
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
| Hi-index | 0.00 |
In this paper we evaluate the resistance of the block cipher RC5 against linear cryptanalysis. We describe a known plaintext attack that can break RC5-32 (blocksize 64) with 10 rounds and RC5-64 (block-size 128) with 15 rounds. In order to do this we use techniques related to the use of multiple linear approximations. Furthermore the success of the attack is largely based on the linear hull-effect. To our knowledge, at this moment these are the best known plaintext attacks on RC5, which have negligible storage requirements and do not make any assumption on the plaintext distribution. Furthermore we discuss the impact of our attacking method on the AES-candidate RC6, whose design was based on RC5.