Multidimensional Linear Cryptanalysis
نویسندگان
چکیده
منابع مشابه
Multidimensional linear cryptanalysis
Linear cryptanalysis is an important tool for studying the security of symmetric ciphers. In 1993 Matsui proposed two algorithms, called Algorithm 1 and Algorithm 2, for recovering information about the secret key of a block cipher. The algorithms exploit a biased probabilistic relation between the input and output of the cipher. This relation is called the (onedimensional) linear approximation...
متن کاملOn Multidimensional Linear Cryptanalysis
Matsui’s Algorithms 1 and 2 with multiple approximations have been studied over 16 years. In CRYPTO’04, Biryukov et al. proposed a formal framework based on m statistically independent approximations. Started by Hermelin et al. in ACISP’08, a different approach was taken by studying m-dimensional combined approximations from m base approximations. Known as multidimensional linear cryptanalysis,...
متن کاملMultidimensional Linear Cryptanalysis of Reduced Round Serpent
Various authors have previously presented di erent approaches how to exploit multiple linear approximations to enhance linear cryptanalysis. In this paper we present a new truly multidimensional approach to generalise Matsui’s Algorithm 1. We derive the statistical framework for it and show how to calculate multidimensional probability distributions based on correlations of onedimensional linea...
متن کاملSeparable Statistics and Multidimensional Linear Cryptanalysis
Multidimensional linear cryptanalysis of block ciphers is improved in this work by introducing a number of new ideas. Firstly, formulae is given to compute approximate multidimensional distributions of encryption internal bits. Conventional statistics like LLR(Logarithmic Likelihood Ratio) do not fit to work in Matsui’s Algorithm 2 for large dimension data, as the observation depend on too many...
متن کاملImproving the Algorithm 2 in Multidimensional Linear Cryptanalysis
In FSE’09 Hermelin et al. introduced the Algorithm 2 of multidimensional linear cryptanalysis. If this algorithm is m-dimensional and reveals l bits of the last round key with N plaintext-ciphertext pairs, then its time complexity is O(mN2l). In this paper, we show that by applying the Fast Fourier Transform and Fast Walsh Hadamard Transform to the Algorithm 2 of multidimensional linear cryptan...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Cryptology
سال: 2018
ISSN: 0933-2790,1432-1378
DOI: 10.1007/s00145-018-9308-x