Multidimensional linear cryptanalysis with key difference invariant bias for block ciphers
نویسندگان
چکیده
Abstract For block ciphers, Bogdanov et al. found that there are some linear approximations satisfying their biases deterministically invariant under key difference. This property is called difference bias. Based on this property, proposed a related-key statistical distinguisher and turned it into key-recovery attacks LBlock TWINE-128. In paper, we propose new model by combining multidimensional cryptanalysis with The main theoretical advantage our does not depend independence of approximations. We demonstrate technique performing recovery By using the relations involved round keys to reduce number guessed subkey bits. Moreover, partial-compression used time complexity. can recover master up 25 rounds about 2 60.4 distinct known plaintexts, 78.85 complexity 61 bytes memory requirements. Our attack TWINE-128 28 61.5 126.15 results currently best ones
منابع مشابه
Key Difference Invariant Bias in Block Ciphers
In this paper, we reveal a fundamental property of block ciphers: There can exist linear approximations such that their biases ε are deterministically invariant under key difference. This behaviour is highly unlikely to occur in idealized ciphers but persists, for instance, in 5-round AES. Interestingly, the property of key difference invariant bias is independent of the bias value ε itself and...
متن کاملLinear Cryptanalysis: Key Schedules and Tweakable Block Ciphers
This paper serves as a systematization of knowledge of linear cryptanalysis and provides novel insights in the areas of key schedule design and tweakable block ciphers. We examine in a step by step manner the linear hull theorem in a general and consistent setting. Based on this, we study the influence of the choice of the key scheduling on linear cryptanalysis, a – notoriously difficult – but ...
متن کاملZero-Correlation Linear Cryptanalysis of Block Ciphers
Linear cryptanalysis, along with differential cryptanalysis, is an important tool to evaluate the security of block ciphers. This work introduces a novel extension of linear cryptanalysis – zero-correlation linear cryptanalysis – a technique applicable to many block cipher constructions. It is based on linear approximations with a correlation value of exactly zero. For a permutation on n bits, ...
متن کاملApplying Conditional Linear Cryptanalysis to Ciphers with Key- Dependant Operations
Linear cryptanalysis has been proven to be a powerful attack that can be applied to a number of symmetric block ciphers. However, conventional linear cryptanalysis is ineffective in attacking ciphers that use key-dependent operations, such as ICE, Lucifer and SAFER. In this paper conditional linear cryptanalysis, which uses characteristics that depend on some key-bit values, is introduced. This...
متن کاملBlock Ciphers And Cryptanalysis
This report gives a basic introduction to block cipher design and analysis. The concepts and design principles of block ciphers are explained, particularly the class of block ciphers known as Feistel ciphers. Some modern block cipher cryptanalysis methods are demonstrated by applying them to variants of a weak Feistel cipher called Simplified TEA (STEA), which is based on the Tiny Encryption Al...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Cybersecurity
سال: 2021
ISSN: ['2523-3246']
DOI: https://doi.org/10.1186/s42400-021-00096-4