Improving the Algorithm 2 in Multidimensional Linear Cryptanalysis

  • Phuong Ha Nguyen
  • Hongjun Wu
  • Huaxiong Wang
Conference paper

DOI: 10.1007/978-3-642-22497-3_5

Volume 6812 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Nguyen P.H., Wu H., Wang H. (2011) Improving the Algorithm 2 in Multidimensional Linear Cryptanalysis. In: Parampalli U., Hawkes P. (eds) Information Security and Privacy. ACISP 2011. Lecture Notes in Computer Science, vol 6812. Springer, Berlin, Heidelberg

Abstract

In FSE’09 Hermelin et al. introduced the Algorithm 2 of multidimensional linear cryptanalysis. If this algorithm is m-dimensional and reveals l bits of the last round key with N plaintext-ciphertext pairs, then its time complexity is \(\mathcal{O}(mN2^l)\). In this paper, we show that by applying the Fast Fourier Transform and Fast Walsh Hadamard Transform to the Algorithm 2 of multidimensional linear cryptanalysis, we can reduce the time complexity of the attack to \(\mathcal{O}(N + \lambda2^{m+l})\), where λ is 3(m + l) or 4m + 3l. The resulting attacks are the best known key recovery attacks on 11-round and 12-round Serpent. The data, time, and memory complexity of the previously best known attack on 12-round Serpent are reduced by a factor of \(2^{7.5}\), \(2^{11.7}\), and \(2^{7.5}\), respectively. This paper also simulates the experiments of the improved Algorithm 2 in multidimensional linear cryptanalysis on 5-round Serpent.

Keywords

Multidimensional linear cryptanalysis; Linear Cryptanalysis; Serpent; Fast Fourier Transform; Fast Walsh Hadamard Transform


Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Phuong Ha Nguyen (1)
  • Hongjun Wu (1)
  • Huaxiong Wang (1)

  1. Division of Mathematical Sciences, School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore