Linear Approximations of Addition Modulo 2^n − 1

  • Chunfang Zhou
  • Xiutao Feng
  • Chuankun Wu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6733)

Abstract

Addition modulo 2^31 − 1 is a basic arithmetic operation in the stream cipher ZUC. For evaluating ZUC’s resistance against linear cryptanalysis, it is necessary to study properties of linear approximations of the addition modulo 2^31 − 1. In this paper we discuss linear approximations of the addition of k inputs modulo 2^n − 1 for n ≥ 2. As a result, an explicit expression for the correlations of linear approximations of the addition modulo 2^n − 1 is given when k = 2, and an iterative expression when k > 2. For a class of special linear approximations with all masks equal to 1, we further discuss the limit of their correlations as n goes to infinity. It is shown that when k is even the limit is equal to zero, and when k is odd the limit is bounded by a constant depending on k.
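The following is an added worked example, not code from the paper: it computes exact correlations of linear approximations of k-input addition modulo 2^n − 1 for small n, so the abstract's claims (the k = 2 case, and the behaviour of the all-masks-equal-to-1 approximation as n grows) can be checked numerically. It assumes a convention the abstract does not state: inputs are independent and uniform over Z_m = {0, …, m − 1} with m = 2^n − 1, the sum is reduced into the same range, and a mask u is applied as the GF(2) inner product u·x over the n-bit encoding of x. All function names are my own. Instead of enumerating all m^k input tuples, it obtains the signed count of tuples per residue s by cyclic convolution of the k single-input vectors (−1)^(a_i·x), which costs O(k·m^2); a brute-force routine is included to cross-check it.

```python
"""Exact correlations of linear approximations of k-input addition mod 2^n - 1.

Assumed convention (not taken from the paper): inputs x_i are independent and
uniform over Z_m = {0, ..., m-1}, m = 2^n - 1; the sum is reduced into the same
range; a mask u acts as the GF(2) inner product u.x on the n-bit encoding of x.
The approximation studied is

    (a_1.x_1) ^ ... ^ (a_k.x_k) ^ (b.(x_1 + ... + x_k mod m)) = 0

with correlation c = Pr[holds] - Pr[fails] = (#holds - #fails) / m^k.
"""
from fractions import Fraction
from itertools import product


def parity(v: int) -> int:
    """GF(2) parity (XOR of all bits) of a non-negative integer."""
    return bin(v).count("1") & 1


def signed_mask_vector(n: int, mask: int) -> list[int]:
    """Vector s -> (-1)^(mask.s) for s in Z_m, m = 2^n - 1."""
    m = (1 << n) - 1
    return [1 - 2 * parity(mask & s) for s in range(m)]


def cyclic_convolve(f: list[int], g: list[int]) -> list[int]:
    """Cyclic convolution on Z_m: h[s] = sum over i + j = s (mod m) of f[i] g[j]."""
    m = len(f)
    h = [0] * m
    for i, fi in enumerate(f):
        if fi == 0:
            continue
        for j, gj in enumerate(g):
            h[(i + j) % m] += fi * gj
    return h


def correlation(n: int, in_masks: list[int], out_mask: int) -> Fraction:
    """Exact correlation via convolution, O(k * m^2) instead of O(m^k).

    D_k[s] = sum over tuples with x_1 + ... + x_k = s (mod m) of
    prod_i (-1)^(a_i.x_i) is the cyclic convolution of the k single-input
    vectors; the correlation is its inner product with (-1)^(b.s), over m^k.
    """
    m = (1 << n) - 1
    d = [1] + [0] * (m - 1)            # delta at 0: the "sum" of zero inputs
    for a in in_masks:
        d = cyclic_convolve(d, signed_mask_vector(n, a))
    out = signed_mask_vector(n, out_mask)
    numer = sum(o * ds for o, ds in zip(out, d))
    return Fraction(numer, m ** len(in_masks))


def correlation_bruteforce(n: int, in_masks: list[int], out_mask: int) -> Fraction:
    """Direct O(m^k) enumeration, used only to cross-check correlation()."""
    m = (1 << n) - 1
    k = len(in_masks)
    acc = 0
    for xs in product(range(m), repeat=k):
        bit = parity(out_mask & (sum(xs) % m))
        for a, x in zip(in_masks, xs):
            bit ^= parity(a & x)
        acc += 1 - 2 * bit
    return Fraction(acc, m ** k)


def all_ones_trend(k: int, n_max: int) -> list[Fraction]:
    """Correlation of the approximation with all masks equal to 1, n = 2..n_max."""
    return [correlation(n, [1] * k, 1) for n in range(2, n_max + 1)]


if __name__ == "__main__":
    # Under this convention the k = 2, all-ones case comes out as exactly 1/m:
    # the approximation fails precisely when the end-around carry occurs.
    for k in (2, 3, 4, 5):
        trend = all_ones_trend(k, 9)
        print(f"k={k}: " + ", ".join(
            f"n={n}: {c} ({float(c):+.4f})" for n, c in zip(range(2, 10), trend)))
```

Running the script prints the all-ones correlations for k = 2..5 and n = 2..9; the even-k columns shrink towards zero while the odd-k columns settle near a k-dependent value, which is the qualitative behaviour the abstract describes. For k = 2 the value is exactly 1/(2^n − 1) under the assumed convention, since the LSB of the reduced sum disagrees with x_0 ⊕ y_0 exactly when x + y ≥ 2^n − 1.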

Keywords

Linear approximation; modular additions; linear cryptanalysis

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Chunfang Zhou (1, 2)
  • Xiutao Feng (1)
  • Chuankun Wu (1)
  1. State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China
  2. Graduate University of the Chinese Academy of Sciences, Beijing, China