A Statistical Attack of the FEAL-8 Cryptosystem

  • Henri Gilbert
  • Guy Chassé
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 537)


This paper presents a chosen plaintext cryptanalysis of the FEAL-8 cryptosystem. The attack requires the ciphertext corresponding to approximately 10000 pairs of 64 bit plaintext blocks. The difference (bitwise xor) between the two blocks of each pair is equal to an appropriately selected constant. We first state that some differential statistics for intermediate values of the data randomizer are non uniform and independent of the encryption key. We then show that these statistics can be used to compute gradually the expanded key of the data randomizer.


Sample Pair Exhaustive Search Statistical Attack Differential Statistic Attack Method 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [1]
    A. Shamir Lecture at Secuticom 89.Google Scholar
  2. [2]
    Bert Den Boer Cryptanalysis of F.E.A.L., Proceedings of Eurocrypt’ 88, pp 293–299.Google Scholar
  3. [3]
    S. Miyaguchi, S. Shiraishi, S. Shimizu Fast Data Encipherment Algorithm PEAL-8 Review of the Electrical Communication Laboratories, Vol. 36, No 4 (1988).Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1991

Authors and Affiliations

  • Henri Gilbert
    • 1
  • Guy Chassé
    • 1
  1. 1.Centre National d’Etudes des Télécommunications (CNET) PAA-TIMIssy les MoulineauxFrance

Personalised recommendations