Book Chapter, DOI 10.1007/978-3-642-22497-3_5
Improving the algorithm 2 in multidimensional linear cryptanalysis
Phuong Ha Nguyen, Hongjun Wu, Huaxiong Wang +2 more
- 11 Jul 2011
- pp 61-74
TL;DR: By applying the Fast Fourier Transform and Fast Walsh Hadamard Transform to the Algorithm 2 of multidimensional linear cryptanalysis, the time complexity of the attack is reduced to O(N + λ·2^(m+l)), where λ is 3(m + l) or 4m + 3l.
Abstract: In FSE'09 Hermelin et al. introduced the Algorithm 2 of multidimensional linear cryptanalysis. If this algorithm is m-dimensional and reveals l bits of the last round key with N plaintext-ciphertext pairs, then its time complexity is O(mN·2^l). In this paper, we show that by applying the Fast Fourier Transform and Fast Walsh Hadamard Transform to the Algorithm 2 of multidimensional linear cryptanalysis, we can reduce the time complexity of the attack to O(N + λ·2^(m+l)), where λ is 3(m + l) or 4m + 3l. The resulting attacks are the best known key recovery attacks on 11-round and 12-round Serpent. The data, time, and memory complexity of the previously best known attack on 12-round Serpent are reduced by factors of 2^7.5, 2^11.7, and 2^7.5, respectively. This paper also simulates the experiments of the improved Algorithm 2 in multidimensional linear cryptanalysis on 5-round Serpent.
Citations
Differential-Linear Cryptanalysis Revisited
TL;DR: This paper revisits the previous treatments of differential-linear bias by Biham et al. in 2002–2003, Liu and Lu in 2009, and formulates assumptions under which a single differential-linear characteristic gives a close estimate of the bias.
Joint data and key distribution of simple, multiple, and multidimensional linear cryptanalysis test statistic and its impact to data complexity
Céline Blondeau, Kaisa Nyberg +1 more
TL;DR: This paper analyzes the hypotheses made in simple, multiple, and multidimensional linear attacks that use either non-zero or zero correlations, and provides more accurate estimates of the data complexity of these attacks.
Book
Information Security and Cryptology - ICISC 2007 : 10th International Conference Seoul, Korea, November 29-30, 2007 : proceedings
Kil-Hyun Nam, Gwangsoo Rhee +1 more
- 01 Jan 2007
TL;DR: A Secure Virtual Execution Environment for Untrusted Code and Security-Preserving Asymmetric Protocol Encapsulation are studied.
Improving Key-Recovery in Linear Attacks: Application to 28-Round PRESENT
Antonio Flórez-Gutiérrez, María Naya-Plasencia +1 more
- 10 May 2020
TL;DR: Linear cryptanalysis is one of the most important tools in use for the security evaluation of symmetric primitives and many improvements and refinements have been published since its introduction, and many applications on different ciphers have been found.
Differential-Linear Cryptanalysis Revisited
Céline Blondeau, Gregor Leander, Kaisa Nyberg +2 more
- 03 Mar 2014
TL;DR: An exact expression of the bias of a differential-linear approximation in a closed form is given under the sole assumption that the two parts of the cipher are independent, and it is shown how to approximate the bias efficiently, and perform experiments on it.
References
Book
Introduction to Algorithms
Thomas H. Cormen, Charles E. Leiserson, Ronald L. Rivest +2 more
- 01 Jan 1990
TL;DR: The updated new edition of the classic Introduction to Algorithms is intended primarily for use in undergraduate or graduate courses in algorithms or data structures and presents a rich variety of algorithms and covers them in considerable depth while making their design and analysis accessible to all levels of readers.
Introduction to Algorithms, 2nd edition.
T. H. Cormen, C. E. Leiserson, R. L. Rivest, Cliff Stein +3 more
- 01 Jan 2001
Linear cryptanalysis method for DES cipher
Mitsuru Matsui
- 02 Jan 1994
TL;DR: A new method is introduced for cryptanalysis of DES cipher, which is essentially a known-plaintext attack, that is applicable to an only-ciphertext attack in certain situations.
Related Papers (5)
Mitsuru Matsui
- 02 Jan 1994
Alex Biryukov, Christophe De Cannière, Michaël Quisquater +2 more
- 15 Aug 2004
Ross Anderson, Eli Biham, Lars R. Knudsen +2 more
- 01 Jan 1998