Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us
Search
Cart
Book cover

International Workshop on Fast Software Encryption

FSE 2012: Fast Software Encryption pp 306–325Cite as

  1. Home
  2. Fast Software Encryption
  3. Conference paper
ElimLin Algorithm Revisited

ElimLin Algorithm Revisited

  • Nicolas T. Courtois17,
  • Pouyan Sepehrdad18,
  • Petr Sušil18 &
  • …
  • Serge Vaudenay18 
  • Conference paper
  • 1947 Accesses

  • 12 Citations

Part of the Lecture Notes in Computer Science book series (LNSC,volume 7549)

Abstract

ElimLin is a simple algorithm for solving polynomial systems of multivariate equations over small finite fields. It was initially proposed as a single tool by Courtois to attack DES. It can reveal some hidden linear equations existing in the ideal generated by the system. We report a number of key theorems on ElimLin. Our main result is to characterize ElimLin in terms of a sequence of intersections of vector spaces. It implies that the linear space generated by ElimLin is invariant with respect to any variable ordering during elimination and substitution. This can be seen as surprising given the fact that it eliminates variables. On the contrary, monomial ordering is a crucial factor in Gröbner basis algorithms such as F4. Moreover, we prove that the result of ElimLin is invariant with respect to any affine bijective variable change. Analyzing an overdefined dense system of equations, we argue that to obtain more linear equations in the succeeding iteration in ElimLin some restrictions should be satisfied. Finally, we compare the security of LBlock and MIBS block ciphers with respect to algebraic attacks and propose several attacks on Courtois Toy Cipher version 2 (CTC2) with distinct parameters using ElimLin.

Keywords

  • block ciphers
  • algebraic cryptanalysis
  • systems of sparse polynomial equations of low degree

Download conference paper PDF

References

  1. Armknecht, F., Ars, G.: Algebraic Attacks on Stream Ciphers with Gröbner Bases. In: Gröbner Bases, Coding, and Cryptography, pp. 329–348 (2009)

    Google Scholar 

  2. Aumasson, J.-P., Henzen, L., Meier, W., Naya-Plasencia, M.: Quark: A Lightweight Hash. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 1–15. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  3. Bard, G., Courtois, N., Jefferson, C.: Efficient Methods for Conversion and Solution of Sparse Systems of Low-Degree Multivariate Polynomials over GF(2) via SAT-Solvers. Presented at ECRYPT Workshop Tools for Cryptanalysis (2007), http://eprint.iacr.org/2007/024.pdf

  4. Bard, G.V.: Algebraic Cryptanalysis. Springer (2009)

    Google Scholar 

  5. Bay, A., Nakahara Jr., J., Vaudenay, S.: Cryptanalysis of Reduced-Round MIBS Block Cipher. In: Heng, S.-H., Wright, R.N., Goi, B.-M. (eds.) CANS 2010. LNCS, vol. 6467, pp. 1–19. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  6. Bogdanov, A., Knežević, M., Leander, G., Toz, D., Varıcı, K., Verbauwhede, I.: spongent: A Lightweight Hash Function. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 312–325. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  7. Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C.: PRESENT: An Ultra-Lightweight Block Cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)

    CrossRef  Google Scholar 

  8. Brickenstein, M., Dreyer, A.: PolyBoRi: A framework for Gröbner basis computations with Boolean polynomials. In: Electronic Proceedings of MEGA 2007 (2007), http://www.ricam.oeaw.ac.at/mega2007/electronic/26.pdf

  9. Buchberger, B.: Bruno Buchberger’s PhD thesis 1965: An algorithm for finding the basis elements of the residue class ring of a zero dimensional polynomial ideal. Journal of Symbolic Computation 41(3-4), 475–511 (2006)

    CrossRef  MathSciNet  MATH  Google Scholar 

  10. Courtois, N.T.: Higher Order Correlation Attacks, XL Algorithm and Cryptanalysis of Toyocrypt. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 182–199. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  11. Courtois, N.T.: Fast Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 176–194. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  12. Courtois, N.: CTC2 and Fast Algebraic Attacks on Block Ciphers Revisited. In: Cryptology ePrint Archive (2007), http://eprint.iacr.org/2007/152.pdf

  13. Courtois, N.: How Fast can be Algebraic Attacks on Block Ciphers? In: Symmetric Cryptography. Dagstuhl Seminar Proceedings, vol. 07021 (2007)

    Google Scholar 

  14. Courtois, N.: The Dark Side of Security by Obscurity - and Cloning MiFare Classic Rail and Building Passes, Anywhere, Anytime. In: SECRYPT, pp. 331–338 (2009)

    Google Scholar 

  15. Courtois, N.: Algebraic Complexity Reduction and Cryptanalysis of GOST. In: Cryptology ePrint Archive (2011), http://eprint.iacr.org/2011/626

  16. Courtois, N.T., Bard, G.V.: Algebraic Cryptanalysis of the Data Encryption Standard. In: Galbraith, S.D. (ed.) Cryptography and Coding 2007. LNCS, vol. 4887, pp. 152–169. Springer, Heidelberg (2007)

    CrossRef  Google Scholar 

  17. Courtois, N.T., Debraize, B.: Algebraic Description and Simultaneous Linear Approximations of Addition in Snow 2.0. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 328–344. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  18. Courtois, N.T., Meier, W.: Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 345–359. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  19. Courtois, N.T., O’Neil, S., Quisquater, J.-J.: Practical Algebraic Attacks on the Hitag2 Stream Cipher. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 167–176. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  20. Courtois, N.T., Pieprzyk, J.: Cryptanalysis of Block Ciphers with Overdefined Systems of Equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 267–287. Springer, Heidelberg (2002)

    CrossRef  Google Scholar 

  21. Courtois, N.T., Klimov, A.B., Patarin, J., Shamir, A.: Efficient Algorithms for Solving Overdefined Systems of Multivariate Polynomial Equations. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 392–407. Springer, Heidelberg (2000)

    CrossRef  Google Scholar 

  22. De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — A Family of Small and Efficient Hardware-Oriented Block Ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  23. Dinur, I., Shamir, A.: Cube Attacks on Tweakable Black Box Polynomials. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 278–299. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  24. Dinur, I., Shamir, A.: Breaking Grain-128 with Dynamic Cube Attacks. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 167–187. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  25. Dunkelman, O., Keller, N.: Linear Cryptanalysis of CTC. In: Cryptology ePrint Archive (2006), http://eprint.iacr.org/2006/250.pdf

  26. Dunkelman, O., Keller, N.: Cryptanalysis of CTC2. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 226–239. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  27. Eén, N., Sörensson, N.: MiniSat 2.0. An open-source SAT solver package, http://www.cs.chalmers.se/Cs/Research/FormalMethods/MiniSat/

  28. Een, N., Sorensson, N.: Minisat - A SAT Solver with Conflict-Clause Minimization. In: Theory and Applications of Satisfiability Testing (2005)

    Google Scholar 

  29. Engels, D., Saarinen, M.-J.O., Schweitzer, P., Smith, E.M.: The Hummingbird-2 Lightweight Authenticated Encryption Algorithm. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 19–31. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  30. Faugère, J.: A new effcient algorithm for computing Gröbner bases (F4). Journal of Pure and Applied Algebra 139(1-3), 61–88 (1999)

    CrossRef  MathSciNet  MATH  Google Scholar 

  31. Faugère, J.: A new efficient algorithm for computing Gröbner bases without reduction to zero (F5). In: Symbolic and Algebraic Computation - ISSAC, pp. 75–83 (2002)

    Google Scholar 

  32. Fusco, G., Bach, E.: Phase transition of multivariate polynomial systems. Journal of Mathematical Structures in Computer Science 19(1) (2009)

    Google Scholar 

  33. Ghasemzadeh, M.: A New Algorithm for the Quantified Satisfiability Problem, Based on Zero-suppressed Binary Decision Diagrams and Memoization. PhD thesis, University of Potsdam, Germany (2005)

    Google Scholar 

  34. Gong, Z., Nikova, S., Law, Y.W.: KLEIN: A New Family of Lightweight Block Ciphers. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 1–18. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  35. Guo, J., Peyrin, T., Poschmann, A.: The PHOTON Family of Lightweight Hash Functions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 222–239. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  36. Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.J.B.: The LED Block Cipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 326–341. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  37. Indesteege, S., Keller, N., Dunkelman, O., Biham, E., Preneel, B.: A Practical Attack on KeeLoq. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 1–18. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  38. Izadi, M., Sadeghiyan, B., Sadeghian, S., Arabnezhad, H.: MIBS: A New Lightweight Block Cipher. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 334–348. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  39. Knudsen, L., Leander, G., Poschmann, A., Robshaw, M.J.B.: PRINTcipher: A Block Cipher for IC-Printing. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 16–32. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  40. Magma, software package, http://magma.maths.usyd.edu.au/magma/

  41. Mroczkowski, P., Szmidt, J.: The Cube Attack on Courtois Toy Cipher. In: Cryptology ePrint Archive (2009), http://eprint.iacr.org/2009/497.pdf

  42. Murphy, S., Robshaw, M.J.B.: Essential Algebraic Structure within the AES. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 1–16. Springer, Heidelberg (2002)

    CrossRef  Google Scholar 

  43. Nakahara Jr., J., Sepehrdad, P., Zhang, B., Wang, M.: Linear (Hull) and Algebraic Cryptanalysis of the Block Cipher PRESENT. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 58–75. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  44. Raddum, H., Semaev, I.: Solving Multiple Right Hand Sides linear equations. Journal of Designs, Codes and Cryptography 49(1-3), 147–160 (2008)

    CrossRef  MathSciNet  MATH  Google Scholar 

  45. Shannon, C.E.: Communication theory of secrecy systems. Bell System Technical Journal 28 (1949)

    Google Scholar 

  46. Shibutani, K., Isobe, T., Hiwatari, H., Mitsuda, A., Akishita, T., Shirai, T.: Piccolo: An Ultra-Lightweight Blockcipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 342–357. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  47. Vielhaber, M.: Breaking ONE.FIVIUM by AIDA an Algebraic IV Differential Attack. In: Cryptology ePrint Archive (2007), http://eprint.iacr.org/2007/413

  48. Weinmann, R.: Evaluating Algebraic Attacks on the AES. Master’s thesis, Technische Universität Darmstadt (2003)

    Google Scholar 

  49. Wu, W., Zhang, L.: LBlock: A Lightweight Block Cipher. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 327–344. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University College London, UK

    Nicolas T. Courtois

  2. EPFL, Lausanne, Switzerland

    Pouyan Sepehrdad, Petr Sušil & Serge Vaudenay

Authors
  1. Nicolas T. Courtois
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pouyan Sepehrdad
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Petr Sušil
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Serge Vaudenay
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. INRIA Paris-Rocquencourt, B.P. 105, 78153, Le Chesnay, France

    Anne Canteaut

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Courtois, N.T., Sepehrdad, P., Sušil, P., Vaudenay, S. (2012). ElimLin Algorithm Revisited. In: Canteaut, A. (eds) Fast Software Encryption. FSE 2012. Lecture Notes in Computer Science, vol 7549. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34047-5_18

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-34047-5_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34046-8

  • Online ISBN: 978-3-642-34047-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Search

Navigation

  • Find a journal
  • Publish with us

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature