Abstract
Matsui’s linear cryptanalysis for iterated block ciphers is generalized by replacing his linear expressions with I/O sums. For a single round, an I/O sum is the XOR of a balanced binary-valued function of the round input and a balanced binary-valued function of the round output. The basic attack is described and conditions for it to be successful are given. A procedure for finding effective I/O sums, i.e., I/O sums yielding successful attacks, is given. A cipher contrived to be secure against linear cryptanalysis but vulnerable to this generalization of linear cryptanalysis is given. Finally, it is argued that the ciphers IDEA and SAFER K-64 are secure against this generalization.
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Harpes, C., Kramer, G.G., Massey, J.L. (1995). A Generalization of Linear Cryptanalysis and the Applicability of Matsui’s Piling-up Lemma. In: Guillou, L.C., Quisquater, JJ. (eds) Advances in Cryptology — EUROCRYPT ’95. EUROCRYPT 1995. Lecture Notes in Computer Science, vol 921. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-49264-X_3
DOI: https://doi.org/10.1007/3-540-49264-X_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-59409-3
Online ISBN: 978-3-540-49264-1
eBook Packages: Springer Book Archive