Linear Cryptanalysis Method for DES Cipher

  • Mitsuru Matsui
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 765)


We introduce a new method for cryptanalysis of DES cipher, which is essentially a known-plaintext attack. As a result, it is possible to break 8-round DES cipher with 221 known-plaintexts and 16-round DES cipher with 2 47 known-plaintexts, respectively. Moreover, this method is applicable to an only-ciphertext attack in certain situations. For example, if plaintexts consist of natural English sentences represented by ASCII codes, 8-round DES cipher is breakable with 229 ciphertexts only.


Linear Approximation High Success Rate Stream Cipher Good Probability Final Round 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [1]
    E. Biham and A. Shamir, “Differential Cryptanalysis of DES-like Cryptosystems,” Journal of Cryptology, Vol.4, pp.3–72, (1991).zbMATHCrossRefMathSciNetGoogle Scholar
  2. [2]
    E. Biham and A. Shamir, “Differential Cryptanalysis of FEAL and N-Hash,” Advances in Cryptology-EUROCRYPT’91, Lecture Notes in Computer Science, Vol.547, pp. 1–16, (1991).Google Scholar
  3. [3]
    E. Biham and A. Shamir, “Differential Cryptanalysis of the full 16-round DES,” CRYPTO’92 Extended Abstracts, pp.12-1–12-5, (1992).Google Scholar
  4. [4]
    A. Tardy-Corfdir and H. Gilbert, “A Known Plaintext Attack of FEAL-4 and FEAL-6,” Advances in Cryptology-CRYPTO’91, Lecture Notes in Computer Science, Vol.576, pp.172–182, (1991).Google Scholar
  5. [5]
    M. Matsui and A. Yamagishi, “A New Method for Known Plaintext Attack of FEAL Cipher,” Advances in Cryptology-EUROCRYPT’92, Lecture Notes in Computer Science,Vol.658, pp.81–91, (1992).Google Scholar
  6. [6]
    A. Shamir, “On the Security of DES,” Advances in Cryptology-CRYPTO’85, Lecture Notes in Computer Science, Vol.218, pp.280–281, (1985).Google Scholar
  7. [7]
    R.A. Rueppel, “Analysis and Design of Stream Ciphers,” Springer Verlag, (1986).Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1994

Authors and Affiliations

  • Mitsuru Matsui
    • 1
  1. 1.Computer & Information Systems LaboratoryMitsubishi Electric CorporationKamakura, KanagawaJapan

Personalised recommendations