nach oben

Designs, Codes and Cryptography

Erschienen in:

01.12.2016

Improving algorithm 2 in multidimensional (zero-correlation) linear cryptanalysis using \(\chi ^2\)-method

verfasst von: Huaifeng Chen, Tingting Cui, Meiqin Wang

Erschienen in: Designs, Codes and Cryptography | Ausgabe 3/2016

Einloggen, um Zugang zu erhalten

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The multidimensional linear cryptanalysis and the multidimensional zero-correlation linear cryptanalysis have been widely used in the attacks on block ciphers. In the multidimensional linear cryptanalysis with \(\chi ^2\)-method and the multidimensional zero-correlation linear cryptanalysis, the statistics used to distinguish the right key and wrong keys are calculated from the probability distribution of multidimensional (zero-correlation) linear approximations. In this paper, we show that the statistics can be computed directly from the empirical correlations of multidimensional (zero-correlation) linear approximations for random plaintext set. In this way, the computation cost of the probability distribution can be removed. In the situation where FFT technique can be applied to calculate the correlations, our proposed computing method for the statistics can decrease the time complexity of multidimensional (zero-correlation) linear cryptanalysis. As an illustration, the Feistel network with bijective round functions consisting of the modular additions or XORs with subkeys and CAST-256 have been attacked with our revised multidimensional zero-correlation linear cryptanalysis. Our attacks on such kind of Feistel networks are the best according to the number of rounds and we improved the previous multidimensional zero-correlation attack on CAST-256 from 28 to 29 rounds. Compared with the best attack on 29-round CAST-256 with multiple zero-correlation linear cryptanalysis method, our attack leads to the same complexity but without any assumption of independence. Therefore our attack on CAST-256 is the best attack without any assumption.

Vorheriger Artikel Large classes of permutation polynomials over

Nächster Artikel Complementary information set codes over GF(p)

Adams C.M.: The CAST-256 Encryption Algorithm. AES Proposal (1998).

Bays A., Huang J., Vaudenay S.: Improved linear cryptanalysis of reduced-round MIBS. In: IWSEC 2014. LNCS, vol. 8639, pp. 204–220. Springer, Heidelberg (2014).

Biryukov A., De Cannière C., Quisquater M.: On multiple linear approximations. In: CRYPTO 2004. LNCS, vol. 3152, pp. 1–22. Springer, Heidelberg (2004).

Bogdanov A., Rijmen V.: Linear hulls with correlation zero and linear cryptanalysis of block ciphers. Des. Codes Cryptogr. 70, 369–383 (2014).

Bogdanov A., Wang M.: Zero-correlation linear cryptanalysis with reduced data complexity. In: FSE 2012. LNCS, vol. 7549, pp. 29–48. Springer, Heidelberg (2012).

Bogdanov A., Leander G., Nyberg K., Wang M.: Integral and multidimensional linear distinguishers with correlation zero. In: ASIACRYPT 2012. LNCS, vol. 7658, pp. 244–261. Springer, Heidelberg (2012).

Bogdanov A., Geng H., Wang M., Wen L., Collard B.: Zero-correlation linear cryptanalysis with FFT and improved attacks on ISO standards Camellia and CLEFIA. In: SAC 2013. LNCS, vol. 8282, pp. 306–323. Springer, Heidelberg (2014).

Collard B., Standaert F.-X., Quisquater J.-J.: Improving the time complexity of Matsui’s linear cryptanalysis. In: ICISC 2007. LNCS, vol. 4817, pp. 77–88. Springer, Heidelberg (2007).

Guo J., Jean J., Nikolic I., Sasaki Y.: Meet-in-the-middle attacks on generic feistel constructions. In: ASIACRYPT 2014, Part I. LNCS, vol. 8873, pp. 458–477. Springer, Heidelberg (2014).

10.

Hermelin M., Nyberg K.: Dependent linear approximations: the algorithm of Biryukov and others revisited. In: CT-RSA 2010. LNCS, vol. 5985, pp. 318–333. Springer, Heidelberg (2010).

11.

Hermelin M., Cho J.Y., Nyberg K.: Multidimensional linear cryptanalysis of reduced round serpent. In: ACISP 2008. LNCS, vol. 5107, pp. 203–215. Springer, Heidelberg (2008).

12.

Hermelin M., Cho J.Y., Nyberg K.: Multidimensional extension of Matsui’s algorithm 2. In: FSE 2009. LNCS, vol. 5665, pp. 209–227. Springer, Heidelberg (2009).

13.

Isobe T., Shibutani K.: All subkeys recovery attack on block ciphers: extending meet-in-the-middle approach. In: SAC 2012. LNCS, vol. 7707, pp. 202–221. Springer, Heidelberg (2013).

14.

Isobe T., Shibutani K.: Generic key recovery attack on feistel scheme. In: ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 464–485. Springer, Heidelberg (2013).

15.

Kaliski B.S., Robshaw M.J.B.: Linear cryptanalysis using multiple approximations. In: CRYPTO 1994. LNCS, vol. 839, pp. 26–39. Springer, Heidelberg (1994).

16.

Knudsen L.R.: The security of feistel ciphers with six rounds or less. J. Cryptol. 15, 207–222 (2002).

17.

Luby M., Rackoff C.: How to construct pseudorandom permutations and pseudorandom functions. SIAM J. Comput. 17, 373–386 (1988).

18.

Matsui M.: Linear cryptanalysis method for DES cipher. In: Eurocrypt 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1993).

19.

Matsui M.: The first experimental cryptanalysis of the data encryption standard. In: CRYPTO 1994. LNCS, vol. 839, pp. 1–11. Springer, Heidelberg (1994).

20.

Nakahara J., Rasmussen M.: Linear analysis of reduced-round CAST-128 and CAST-256. SBSEG 2007, 45–55 (2007).

21.

National Soviet Bureau of Standards: Information Processing System—Cryptographic Protection—Cryptographic Algorithm GOST. pp. 28147–28189 (1989).

22.

Nguyen P.H., Wu H., Wang H.: Improving the algorithm 2 in multidimensional linear cryptanalysis. In: ACISP 2011. LNCS, vol. 6812, pp. 61–74. Springer, Heidelberg (2011).

23.

Schneier B., Kelsey J., Whiting D., Wagner D., Hall C.: Twofish: a 128-bit block cipher. http://www.schneier.com/paper-twofish-paper.

24.

Seki H., Kaneko T.: Differential cryptanalysis of CAST-256 reduced to nine quad-rounds. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E84-A(4), 913–918 (2001).

25.

Todo Y.: Upper bounds for the security of several feistel networks. In: ACISP. LNCS, vol. 7959, pp. 302–317. Springer, Heidelberg (2013).

26.

Wagner D.: The boomerang attack. In: FSE 1999. LNCS, vol. 1636, pp. 156–170. Springer, Heidelberg (1999).

27.

Wang M., Wang X., Hu C.: New linear cryptanalytic results of reduced-round of CAST-128 and CAST-256. In: SAC 2008. LNCS, vol. 5381, pp. 429–441. Springer, Heidelberg (2009).

28.

Wen L., Wang M., Bogdanov A., Chen H.: General application of FFT in cryptanalysis and improved attack on CAST-256. In: INDOCRYPT 2014. LNCS, vol. 8885, pp. 161–176. Springer, Heidelberg (2014).

Titel: Improving algorithm 2 in multidimensional (zero-correlation) linear cryptanalysis using -method
verfasst von: Huaifeng Chen
Tingting Cui
Meiqin Wang
Publikationsdatum: 01.12.2016
Verlag: Springer US
Erschienen in: Designs, Codes and Cryptography / Ausgabe 3/2016
Print ISSN: 0925-1022
Elektronische ISSN: 1573-7586
DOI: https://doi.org/10.1007/s10623-016-0175-x

Springer Professional

Improving algorithm 2 in multidimensional (zero-correlation) linear cryptanalysis using \(\chi ^2\)-method

Abstract

Premium Partner

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Weitere Artikel der Ausgabe 3/2016

On the geometric constructions of optimal linear codes

New criterion for diffusion property and applications to improved GFS and EGFN

Index bounds for character sums of polynomials over finite fields

Suzuki-invariant codes from the Suzuki curve

Near weights on higher dimensional varieties

Veronese subspace codes

Premium Partner