Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
An experiment on DES statistical cryptanalysis
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
The First Experimental Cryptanalysis of the Data Encryption Standard
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Linear Cryptanalysis Using Multiple Approximations
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Quadratic Relation of S-box and Its Application to the Linear Attack of Full Round DES
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Non-linear approximations in linear cryptanalysis
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
A new method for known plaintext attack of FEAL cipher
EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
A Chosen Plaintext Linear Attack on Block Cipher CIKS-1
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Enhancing Differential-Linear Cryptanalysis
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
An FPGA Implementation of the Linear Cryptanalysis
FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
Linear analysis of reduced-round CubeHash
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
New improvements of Davies-Murphy cryptanalysis
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
New combined attacks on block ciphers
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
New attacks against reduced-round versions of IDEA
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
A methodology for differential-linear cryptanalysis and its applications
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
In this paper we consider a chosen-plaintext variant of the linear attack on DES introduced by Matsui. By choosing plaintexts in a clever way one can reduce the number of plaintexts required in a successful linear attack. This reduces the number of plaintexts needed to find key bits by a factor of more than four compared to Matsui's attack. To estimate the probabilities of success in the attack we did extensive experiments on DES reduced to 8 and 12 rounds. We believe that the results in this paper contain the fastest attack on the DES reported so far in the open literature. As an example, one attack needs about 2^42 chosen texts, finds 12 bits of key information and succeeds with a probability of about 86%. An additional 12 key bits can be found by similar methods. For comparison, Matsui's attack on the DES needs about 2^44 known texts, finds 13 bits of the key and succeeds with a probability of 78%. Of independent interest is a new approach searching for "pseudo-keys", which are secret key bits added to an unknown but fixed value. These bits can be used to find the secret key bits at a later stage in the analysis.