International Association for Cryptologic Research

CryptoDB

Multiple Linear Cryptanalysis Using Linear Statistics

Authors:
Jung-Keun Lee, The Affiliated Institute of Electronics and Telecommunications Research Institute (ETRI), Daejeon, Republic of Korea
Woo-Hwan Kim, The Affiliated Institute of Electronics and Telecommunications Research Institute (ETRI), Daejeon, Republic of Korea
Download:
DOI: 10.13154/tosc.v2019.i4.369-406
URL: https://tosc.iacr.org/index.php/ToSC/article/view/8469
Abstract: We propose an improved and extended approach of the multiple linear cryptanalysis presented by A. Biryukov et al. at CRYPTO 2004 that exploits dominant and statistically independent linear trails. While they presented only rank based attacks with success probability 1, we present threshold based attacks as well as rank based ones using newly introduced statistic that is a linear combination of the component statistics for the trails and is an approximation of the LLR statistic. The rank based Algorithm 1 style attack yields the same estimate for the gain with Biryukov et al.’s Algorithm 1 style attack. For each of the threshold based Algorithm 1 style and Algorithm 2 style attacks, we provide a formula for its advantage in terms of the correlations of the trails, the data complexity, and the success probability in case the aimed success probability is not 1. Combining the threshold based attacks with the rank based ones, we get attacks each of which has better estimates for the advantage compared to the threshold based one in case the aimed success probability is close to 1. We then extend the methods to get a new framework of multiple linear attacks exploiting close-to-dominant linear trails that may not be statistically independent. We apply the methods to full DES and get linear attacks using 4 linear trails with about the same or better complexity compared to those presented at ASIACRYPT 2017 that use 4 additional trails. With data complexity less than 2^41, the attack has better complexity than existing attacks on DES.
Video from TOSC 2020
BibTeX
@article{tosc-2020-30099,
  title={Multiple Linear Cryptanalysis Using Linear Statistics},
  journal={IACR Transactions on Symmetric Cryptology},
  publisher={Ruhr-Universität Bochum},
  volume={2019, Issue 4},
  pages={369-406},
  url={https://tosc.iacr.org/index.php/ToSC/article/view/8469},
  doi={10.13154/tosc.v2019.i4.369-406},
  author={Jung-Keun Lee and Woo-Hwan Kim},
  year=2020
}