Abstract
This paper describes an improved version of linear cryptanalysis and its application to the first successful computer experiment in breaking the full 16-round DES. The scenario is a known-plaintext attack based on two new linear approximate equations, each of which provides candidates for 13 secret key bits with negligible memory. Moreover, reliability of the key candidates is taken into consideration, which increases the success rate. As a result, the full 16-round DES is breakable with high success probability if 24.3 random plaintexts and their ciphertexts are available. The author carried out the first experimental attack using twelve computers to confirm this: he finally reached all of the 56 secret key bits in fifty days, out of which forty days were spent for generating plaintexts and their ciphertexts and only ten days were spent for the actual key search.
Chapter PDF
References
National Burean of Standards: Data Encryption Standard. U.S. Department of Commerce, Federal Information Processing Standards 46 (1977)
Matsui, M.: Linear Cryptanalysis Method for DES cipher. Advances in Cryptology-Eurocrypt’93, Lecture Notes in Computer Science, Springer-Verlag 765 (1993) 386–397
Matsui, M.: On correlation between the order of S-boxes and the strength of DES. Pre-proceedings of Eurocrypt’94 (1994) 375–387
Hellman, M., Merkle, R., Schroeppel, R., Washington, L., Diffie, W., Pohlig, S., Schweitzer, P.: Results of an initial attempt to cryptanalyze the NBS Data Encryption Standard. Information Systems Laboratory, Stanford University 76-042 (1976)
Shamir, A.: On the security of DES. Advances in Cryptology — Crypto’85, Lecture Notes in Computer Science, Springer-Verlag 218 (1985) 280–281
Davies, D., Murphy, S.: Pairs and triplets of DES s-boxes. (preprint)
Rueppel, R.A,: Analysis and design of stream ciphers. Springer Verlag (1986)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1994 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Matsui, M. (1994). The First Experimental Cryptanalysis of the Data Encryption Standard. In: Desmedt, Y.G. (eds) Advances in Cryptology — CRYPTO ’94. CRYPTO 1994. Lecture Notes in Computer Science, vol 839. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48658-5_1
Download citation
DOI: https://doi.org/10.1007/3-540-48658-5_1
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-58333-2
Online ISBN: 978-3-540-48658-9
eBook Packages: Springer Book Archive