Abstract
In this paper, we derive 7 quadratic relations over GF(2) from the input and output bits of the S-boxes of DES. We apply one of those relations to an improved linear attack on full-round DES. We describe an improved algorithm that combines the non-linear approximation method proposed by Knudsen and Robshaw with the multiple approximation method proposed by Kaliski and Robshaw. This improvement reduces the number of required plaintext/ciphertext pairs to 25/34 (73.5%) of the 2^43 pairs required by Matsui's linear attack.
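The abstract speaks of quadratic relations over GF(2) among the input and output bits of an S-box, that is, polynomials of degree at most 2 in those bits that evaluate to 0 for every possible input. The following added example (not code from the paper or its authors) shows how such relations can be found mechanically: evaluate every monomial of degree at most 2 on all 64 inputs of a 6-in/4-out S-box, and compute the null space of the resulting 64 x 56 matrix over GF(2). The S-box table is the standard DES S1; the variable naming (x1..x6 for inputs, y1..y4 for outputs) and the helper names are this example's own choices, and the paper's specific 7 relations are not reproduced here.

```python
from itertools import combinations

# Standard DES S-box S1: row is selected by input bits 1 and 6, column by bits 2..5.
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]


def sbox(table, x):
    """Apply a DES-style 6-in/4-out S-box to a 6-bit value x."""
    row = (((x >> 5) & 1) << 1) | (x & 1)
    col = (x >> 1) & 0xF
    return table[row][col]


def bits(v, n):
    """The n bits of v as a list, most significant first."""
    return [(v >> (n - 1 - i)) & 1 for i in range(n)]


def monomials(nvars):
    """All monomials of degree <= 2 in nvars variables, as tuples of variable indices."""
    return [()] + [(i,) for i in range(nvars)] + list(combinations(range(nvars), 2))


def eval_monomial(mon, vals):
    r = 1
    for i in mon:
        r &= vals[i]
    return r


def gf2_nullspace(rows, ncols):
    """Basis of {c : A c = 0} over GF(2); rows are bitmasks (bit j = column j)."""
    pivots = {}  # pivot column -> row in reduced echelon form
    for r in rows:
        for c, pr in pivots.items():  # clear every existing pivot column from r
            if (r >> c) & 1:
                r ^= pr
        if r == 0:
            continue
        c = r.bit_length() - 1  # new pivot = highest remaining bit
        for pc in list(pivots):  # keep the form reduced
            if (pivots[pc] >> c) & 1:
                pivots[pc] ^= r
        pivots[c] = r
    basis = []
    for f in (c for c in range(ncols) if c not in pivots):
        v = 1 << f  # one null vector per free column
        for pc, pr in pivots.items():
            if (pr >> f) & 1:
                v |= 1 << pc
        basis.append(v)
    return basis


def quadratic_relations(table, n_in=6, n_out=4):
    """All degree <= 2 relations among input bits x and output bits y of an S-box.

    Returns (relations, monomials); each relation is a list of monomials whose
    XOR is 0 for every input. Variable indices 0..n_in-1 are x, the rest are y.
    """
    mons = monomials(n_in + n_out)
    rows = []
    for x in range(1 << n_in):
        vals = bits(x, n_in) + bits(sbox(table, x), n_out)
        rows.append(sum(1 << j for j, m in enumerate(mons) if eval_monomial(m, vals)))
    basis = gf2_nullspace(rows, len(mons))
    rels = [[mons[j] for j in range(len(mons)) if (v >> j) & 1] for v in basis]
    return rels, mons


def holds_everywhere(table, relation, n_in=6, n_out=4):
    """Independent check: the relation's XOR is 0 on every input of the S-box."""
    for x in range(1 << n_in):
        vals = bits(x, n_in) + bits(sbox(table, x), n_out)
        if sum(eval_monomial(m, vals) for m in relation) & 1:
            return False
    return True


def format_relation(relation, n_in=6):
    def name(i):
        return f"x{i + 1}" if i < n_in else f"y{i - n_in + 1}"
    terms = ["1" if not m else "*".join(name(i) for i in m) for m in relation]
    return " + ".join(terms) + " = 0"


if __name__ == "__main__":
    rels, mons = quadratic_relations(S1)
    print(f"{len(mons)} monomials, {len(rels)} quadratic relations for S1")
    for r in rels:
        print(format_relation(r))
```

Changing `S1` to any other 4 x 16 table gives the relations of that S-box; a table whose output is a copy of four input bits (e.g. `[[c for c in range(16)]] * 4`) is a useful sanity check, since then every y-monomial is already a degree <= 2 polynomial in x and exactly 56 - 22 = 34 relations must appear.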
References
T. Becker, V. Weispfenning, “Gröbner Bases,” Springer-Verlag, New York, (1993).
E. Biham, “A Fast New DES Implementation in Software,” FSE'97, LNCS 1267, pp. 245–251, (1997).
D. Branstad, J. Gait, S. Katzke, “Report of the workshop on cryptography in support of computer security,” National Bureau of Standards, Sept. 21–22, 1976, NBSIR 77-1291, Sept. (1977).
M. Davio, Y. Desmedt, M. Fosseprez, R. Govaerts, J. Hulsbosch, P. Neutjens, P. Piret, J. Quisquater, J. Vandewalle, P. Wouters, “Analytical characteristics of the DES,” CRYPTO'83, (1984).
M. Hellman, R. Merkle, R. Schroeppel, L. Washington, W. Diffie, P. Schweitzer, “Results of an initial attempt to cryptanalyze the NBS Data Encryption Standard,” SEL 76-042, Stanford Univ. (1976).
B. Kaliski, M. Robshaw, “Linear Cryptanalysis Using Multiple Approximations,” CRYPTO'94, LNCS 839, pp. 26–38, (1994).
L. Knudsen, M. Robshaw, “Non-Linear Approximations in Linear Cryptanalysis,” Eurocrypt'96, LNCS 1070, pp. 224–236, (1996).
M. Kwan, “Bitslice DES,” http://www.cs.mu.oz.au/~mkwan/bitslice, 12 May, (1998).
S. Langford, M. Hellman, “Differential-Linear Cryptanalysis,” CRYPTO'94, LNCS 839, pp. 17–25, (1994).
M. Matsui, “Linear Cryptanalysis Method for DES Cipher,” Eurocrypt'93, LNCS 765, pp. 386–397, (1993).
M. Matsui, “The First Experimental Cryptanalysis of the Data Encryption Standard,” CRYPTO'94, LNCS 839, pp. 1–11, (1994).
J. Nakajima, M. Matsui, “Fast Software Implementation of MISTY on Alpha Processors,” Proceedings of Korea-Japan joint workshop on information security and cryptology, pp. 55–64, (1997).
M. Noro, T. Takeshima, “Risa/Asir — a computer algebra system,” Proceedings of ISSAC '92, ACM Press, pp. 387–396, (1992). (anonymous ftp from ftp://endeavor.fujitsu.co.jp/pub/isis/asir)
I. Schaumuller-Bichl, “Cryptanalysis of the Data Encryption Standard by method of formal coding,” Proceedings of the workshop on cryptography, LNCS 149, pp. 235–255, (1982).
T. Shimoyama, S. Amada, S. Moriai, “Improved Fast Software Implementation of Block Ciphers,” Proceedings of ICICS'97, LNCS 1334, pp. 269–273, (1997).
D. Stinson, “Cryptography: Theory and Practice,” CRC Press Inc., (1995).
M. Takeda, T. Hamade, K. Hisamatsu, T. Kaneko, “Linear Cryptanalysis by Linear Sieve Method,” IEICE Trans., Vol. E81-A, No. 1, pp. 82–87, (1998).
P. C. Wayner, “Content-Addressable Search Engines and DES-like Systems,” CRYPTO'92, LNCS 740, pp. 575–586, (1992).
© 1998 Springer-Verlag Berlin Heidelberg
Shimoyama, T., Kaneko, T. (1998). Quadratic relation of S-box and its application to the linear attack of full round DES. In: Krawczyk, H. (eds) Advances in Cryptology — CRYPTO '98. CRYPTO 1998. Lecture Notes in Computer Science, vol 1462. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055729
DOI: https://doi.org/10.1007/BFb0055729
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64892-5
Online ISBN: 978-3-540-68462-6