Linear Cryptanalysis of Reduced Round Serpent

  • Eli Biham
  • Orr Dunkelman
  • Nathan Keller
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2355)

Abstract

Serpent is one of the 5 AES finalists. In this paper we present a 9-round linear approximation for Serpent with probability of 1/2+2-52. We use it to attack 10-round Serpent with all key lengths with data complexity of 2118 and running time of 289. A variant of this approximation is used in the first attack against an 11-round Serpent with 192-bit and 256-bit keys, which require the same amount of data and 2187 running time.

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Eli Biham
    • 1
  • Orr Dunkelman
    • 1
  • Nathan Keller
    • 2
  1. 1.Computer Science DepartmentTechnion - Israel Institute of TechnologyHaifaIsrael
  2. 2.Mathematics DepartmentTechnion - Israel Institute of TechnologyHaifaIsrael

Personalised recommendations