Generalized Matsui Algorithm 1 with Application for the Full DES
- 213 Downloads
In this paper we introduce the strictly zero-correlation attack. We extend the work of Ashur and Posteuca in BalkanCryptSec 2018 and build a 0-correlation key-dependent linear trails covering the full DES. We show how this approximation can be used for a key recovery attack and empirically verify our claims through a series of experiments. To the best of our knowledge, this paper is the first to use this kind of property to leverage a meaningful attack against a symmetric-key algorithm.
KeywordsLinear cryptanalysis DES Poisonous hull
The authors would like to thank Vincent Rijmen for all the useful discussions and ideas. Tomer Ashur is an FWO post-doctoral fellow under Grant Number 12ZH420N. This work was supported in part by the Research Council KU Leuven C1 on Security and Privacy for Cyber-Physical Systems and the Internet of Things with contract number C16/15/058 and by CyberSecurity Research Flanders with reference number VR20192203. The fourth author would like to thank his parents and Charlotte for their support during his studies and thesis.
- [AP18]Ashur, T., Posteuca, R.: On linear hulls in one round of DES. IACR Cryptol. ePrint Arch. 2018, 635 (2018)Google Scholar
- [BR11]Bogdanov, A., Rijmen, V.: Zero-correlation linear cryptanalysis of block ciphers. IACR Cryptol. ePrint Arch. 2011, 123 (2011)Google Scholar
- [DES]FIPS publication 46–3: Data Encryption Standard (DES)Google Scholar
- [D’h19]D’haeseleer, S.: Hardware design for cryptanalysis. Master’s thesis, KU Leuven (2019). Ashur, T., Sijacic, D., Verbauwhede, I. (promotors)Google Scholar