
Generalized Matsui Algorithm 1 with Application for the Full DES

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 12238)

Abstract

In this paper we introduce the strictly zero-correlation attack. We extend the work of Ashur and Posteuca at BalkanCryptSec 2018 and build zero-correlation key-dependent linear trails covering the full DES. We show how such an approximation can be used for a key-recovery attack and empirically verify our claims through a series of experiments. To the best of our knowledge, this paper is the first to use this kind of property to mount a meaningful attack against a symmetric-key algorithm.
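The object at the heart of the abstract, a linear hull whose correlation is exactly zero for some keys and not for others, and the way a Matsui-Algorithm-1-style correlation measurement turns that into key information, can be illustrated on a toy cipher. The Python below is an added example written for this page; it is not the authors' code and does not reproduce the DES trail of the paper. It assumes a constructed 3-round Feistel with 4-bit halves, one PRESENT S-box per round and a 4-bit subkey XORed into the S-box input, enumerates every 3-round trail of a hull (the Feistel wiring leaves only the round-1 F-input mask free), checks the signed trail sum against an exhaustive correlation measurement over all 256 plaintexts, and then searches for hulls whose correlation vanishes for some key classes only.

```python
"""Toy 3-round Feistel (4-bit halves, PRESENT S-box, subkey XORed before the S-box).
Constructed illustration of key-dependent zero-correlation hulls; not the paper's DES trail."""

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def parity(x):
    return bin(x).count("1") & 1

def corr_sbox(w, v):
    """Correlation of w.x = v.S(x) over all 16 inputs (signed LAT entry divided by 16)."""
    return sum((-1) ** parity((w & x) ^ (v & SBOX[x])) for x in range(16)) / 16

LAT = [[corr_sbox(w, v) for v in range(16)] for w in range(16)]

def encrypt(pt, key):
    """key = (k1, k2, k3): one 4-bit subkey per round, XORed into the S-box input."""
    l, r = pt >> 4, pt & 0xF
    for k in key:
        l, r = r, l ^ SBOX[r ^ k]
    return (l << 4) | r

def measured_correlation(alpha, beta, key):
    """The quantity Algorithm 1 estimates from samples, here exact over all 256 plaintexts."""
    agree = sum(parity((alpha & pt) ^ (beta & encrypt(pt, key))) == 0 for pt in range(256))
    return (2 * agree - 256) / 256

def trail_terms(alpha, beta):
    """Unsigned correlation of every 3-round trail alpha -> beta, keyed by the round-1
    F-input mask w1; w2 and w3 are forced by the Feistel wiring (mask on L_i = mask on R_i+1)."""
    aL, aR, bL, bR = alpha >> 4, alpha & 0xF, beta >> 4, beta & 0xF
    w2 = aL ^ bR
    terms = {}
    for w1 in range(16):
        v2 = aR ^ w1              # F-output mask in round 2
        w3 = v2 ^ bL              # F-input mask in round 3
        t = LAT[w1][aL] * LAT[w2][v2] * LAT[w3][bR]
        if t:
            terms[w1] = (t, w2, w3)
    return terms

def hull_correlation(alpha, beta, key):
    """Signed sum over trails; the key only flips each trail's sign by (-1)^(w1.k1 ^ w2.k2 ^ w3.k3)."""
    k1, k2, k3 = key
    return sum(t * (-1) ** parity((w1 & k1) ^ (w2 & k2) ^ (w3 & k3))
               for w1, (t, w2, w3) in trail_terms(alpha, beta).items())

def key_class_table(alpha, beta):
    """Since w3 = w1 ^ aR ^ bL, the hull depends on the key only through kappa = k1 ^ k3;
    k2 and the constant part of w3.k3 merely flip the global sign. Tabulate per class."""
    return {kappa: hull_correlation(alpha, beta, (kappa, 0, 0)) for kappa in range(16)}

def find_key_dependent_zero_correlation(limit=5):
    """Mask pairs whose trails cancel exactly for some classes kappa but not for others."""
    found = []
    for alpha in range(16, 256):               # aL != 0, otherwise round 1 is inactive
        for beta in range(256):
            if (beta & 0xF) == 0 or len(trail_terms(alpha, beta)) < 2:
                continue                       # need bR != 0 and at least two trails
            table = key_class_table(alpha, beta)
            zero = [k for k, c in table.items() if abs(c) < 1e-12]
            if zero and len(zero) < 16:
                found.append((alpha, beta, zero))
                if len(found) == limit:
                    return found
    return found

def recover_key_classes(alpha, beta, key):
    """Generalised Algorithm 1 on the toy: keep every class kappa whose predicted |correlation|
    equals the measured one (the sign is lost to the unknown k2/k3 parities)."""
    observed = abs(measured_correlation(alpha, beta, key))
    return sorted(k for k, c in key_class_table(alpha, beta).items()
                  if abs(abs(c) - observed) < 1e-12)

if __name__ == "__main__":
    key = (0x3, 0x9, 0xE)                      # constructed sample key
    for alpha, beta, zero in find_key_dependent_zero_correlation(limit=3):
        print(f"alpha=0x{alpha:02x} beta=0x{beta:02x}: correlation is 0 exactly for k1^k3 in {zero}")
        print("  classes consistent with the measurement:", recover_key_classes(alpha, beta, key),
              "(true k1^k3 =", key[0] ^ key[2], ")")
```

Because the subkeys enter only by XOR before the S-box, each trail has a fixed magnitude and a key-dependent sign; two trails of equal magnitude therefore cancel for exactly the key classes on which their signs disagree, and the hull correlation is then zero for those classes and twice the trail magnitude for the others. Measuring the correlation and comparing it with the per-class prediction is the Algorithm 1 step; the toy measures exhaustively, whereas an attack on DES must distinguish an exactly-zero correlation from a small one with a finite sample, which is what the paper's experiments address.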

Keywords

Linear cryptanalysis, DES, Poisonous hull

Notes

Acknowledgements

The authors would like to thank Vincent Rijmen for all the useful discussions and ideas. Tomer Ashur is an FWO post-doctoral fellow under Grant Number 12ZH420N. This work was supported in part by the Research Council KU Leuven C1 on Security and Privacy for Cyber-Physical Systems and the Internet of Things with contract number C16/15/058 and by CyberSecurity Research Flanders with reference number VR20192203. The fourth author would like to thank his parents and Charlotte for their support during his studies and thesis.

References

  1. [AÅBL12]
    Abdelraheem, M.A., Ågren, M., Beelen, P., Leander, G.: On the Distribution of Linear Biases: Three Instructive Examples. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 50–67. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_4
  2. [AP18]
    Ashur, T., Posteuca, R.: On linear hulls in one round of DES. IACR Cryptol. ePrint Arch. 2018, 635 (2018)
  3. [AR16]
    Ashur, T., Rijmen, V.: On Linear Hulls and Trails. In: Dunkelman, O., Sanadhya, S.K. (eds.) INDOCRYPT 2016. LNCS, vol. 10095, pp. 269–286. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-49890-4_15
  4. [BCQ04]
    Biryukov, A., De Cannière, C., Quisquater, M.: On Multiple Linear Approximations. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 1–22. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28628-8_1
  5. [Bih94]
    Biham, E.: On Matsui's linear cryptanalysis. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 341–355. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0053449
  6. [BR11]
    Bogdanov, A., Rijmen, V.: Zero-correlation linear cryptanalysis of block ciphers. IACR Cryptol. ePrint Arch. 2011, 123 (2011)
  7. [BT13]
    Bogdanov, A., Tischhauser, E.: On the Wrong Key Randomisation and Key Equivalence Hypotheses in Matsui's Algorithm 2. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 19–38. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43933-3_2
  8. [BV17]
    Bogdanov, A., Vejre, P.S.: Linear Cryptanalysis of DES with Asymmetries. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 187–216. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_7
  9. [CV94]
    Chabaud, F., Vaudenay, S.: Links between differential and linear cryptanalysis. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 356–365. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0053450
  10. [DES]
    FIPS Publication 46-3: Data Encryption Standard (DES)
  11. [D'h19]
    D'haeseleer, S.: Hardware design for cryptanalysis. Master's thesis, KU Leuven (2019). Ashur, T., Sijacic, D., Verbauwhede, I. (promotors)
  12. [JR94]
    Kaliski, B.S., Robshaw, M.J.B.: Linear Cryptanalysis Using Multiple Approximations. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 26–39. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_4
  13. [Jun01]
    Junod, P.: On the Complexity of Matsui's Attack. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 199–211. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45537-X_16
  14. [Mat93]
    Matsui, M.: Linear Cryptanalysis Method for DES Cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_33
  15. [Nyb94]
    Nyberg, K.: Linear approximation of block ciphers. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 439–444. Springer, Heidelberg (1995)
  16. [San95]
    De Santis, A. (ed.): EUROCRYPT 1994. LNCS, vol. 950. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0053418

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. imec-COSIC, KU Leuven, Leuven, Belgium
  2. TU Eindhoven, Eindhoven, The Netherlands
