Abstract
In [9] Matsui introduced a new method of cryptanalysis, called Linear Cryptanalysis. This method was used to attack DES using 247 known plaintexts. In this paper we formalize this method and show that although in the details level this method is quite different from differential cryptanalysis, in the structural level they are very similar. For example, characteristics can be defined in linear cryptanalysis, but the concatenation rule has several important differences from the concatenation rule of differential cryptanalysis. We show that the attack of Davies on DES is closely related to linear cryptanalysis. We describe constraints on the size of S boxes caused by linear cryptanalysis. New results to Feal are also described.
Chapter PDF
References
Eli Biham, Adi Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, 1993.
Eli Biham, Adi Shamir, Differential Cryptanalysis of DES-like Cryptosystems, Journal of Cryptology, Vol. 4, No. 1, pp. 3–72, 1991.
Eli Biham, Adi Shamir, Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer, technical report CS91-18, Department of Applied Mathematics and Computer Science, The Weizmann Institute of Science, 1991. The extended abstract appears in Lecture Notes in Computer Science, Advances in Cryptology, proceedings of CRYPTO'91, pp. 156–171, 1991.
Don Coppersmith, The Data Encryption Standard (DES) and its Strength Against Attacks, technical report, IBM Thomas J. Watson Research Center, RC 18613 (81421), December 1992.
D. W. Davies, Investigation of a Potential Weakness in the DES Algorithm, 1987, private communication.
Xuejia Lai, James L. Massey, Sean Murphy, Markov Ciphers and Differential Cryptanalysis, Lecture Notes in Computer Science, Advances in Cryptology, proceedings of EUROCRYPT'91, pp. 17–38, 1991.
Xuejia Lai, On the Design and Security of Block Ciphers, Ph.D. thesis, Swiss Federal Institue of Technology, Zurich, 1992.
Mitsuru Matsui, Atsuhiro Yamagishi, A New Method for Known Plaintext Attack of FEAL Cipher, Lecture Notes in Computer Science, Advances in Cryptology, proceedings of EUROCRYPT'92, pp. 81–91, 1992.
M. Matsui, Linear Cryptanalysis Method for DES Cipher, Abstracts of EUROCRYPT'93, pp. W112–W123, May 1993.
Ralph C. Merkle, Fast Software Encryption Functions, Lecture Notes in Computer Science, Advances in Cryptology, proceedings of CRYPTO'90, pp. 476–501, 1990.
Shoji Miyaguchi, Akira Shiraishi, Akihiro Shimizu, Fast Data Encryption Algorithm FEAL-8, Review of electrical communications laboratories, Vol. 36, No. 4, pp. 433–437, 1988.
Luke O'Connor, On the Distribution of Characteristics in Bijective Mappings, Lecture Notes in Computer Science, Advances in Cryptology, proceedings of EUROCRYPT'93, to appear.
Luke O'Connor, On the Distribution of Characteristics in Composite Permutations, Lecture Notes in Computer Science, Advances in Cryptology, proceedings of CRYPTO'93, to appear.
Adi Shamir, On the Security of DES, Lecture Notes in Computer Science, Advances in Cryptology, proceedings of CRYPTO'85, pp. 280–281, 1985.
Akihiro Shimizu, Shoji Miyaguchi, Fast Data Encryption Algorithm FEAL, Lecture Notes in Computer Science, Advances in Cryptology, proceedings of EUROCRYPT'87, pp. 267–278, 1987.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Biham, E. (1995). On Matsui's linear cryptanalysis. In: De Santis, A. (eds) Advances in Cryptology — EUROCRYPT'94. EUROCRYPT 1994. Lecture Notes in Computer Science, vol 950. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0053449
Download citation
DOI: https://doi.org/10.1007/BFb0053449
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60176-0
Online ISBN: 978-3-540-44717-7
eBook Packages: Springer Book Archive