Matsui's linear cryptanalysis for iterated block ciphers is generalized by replacing his linear expressions with I/O sums. For a single round, an I/O sum is the XOR of a balanced binary-valued function of the round input and a balanced binary-valued function of the round output. The basic attack is described and conditions for it to be successful are given. A procedure for finding effective I/O sums, i.e., I/O sums yielding successful attacks, is given. A cipher contrived to be secure against linear cryptanalysis but vulnerable to this generalization of linear cryptanalysis is given. Finally, it is argued that the ciphers IDEA and SAFER K-64 are secure against this generalization. Keywords. Linear cryptanalysis, differential cryptanalysis, piling-up lemma, IDEA, SAFER.
Carlo Harpes, Gerhard G. Kramer, James L. Massey