Abstract
We improve linear cryptanalysis by introducing a technique of probabilistic counting into the maximum likelihood stage.
In the original linear cryptanalysis based on the maximum likelihood method with deterministic counting, the number of effective key and text bits is a multiple of the number of bits involved in the input to some S-box. Thus, when larger S-boxes are used, the 2R-method and even the 1R-method can become impractical simply because the number of effective text and key bits becomes excessive. Though the 2R-method is practical for attacking DES, existing examples of ciphers where the 2R-method is impractical include LOKI91.
We overcome this problem by selecting a part of the effective key bits and investigating the probabilistic behavior of the remaining effective key bits. Previous attacks discuss deterministic evaluation of the given approximated formula only when all values of the effective text/key bits are known, whereas we compute the probability that the approximated formula with unknown inputs equals zero.
This extension of linear cryptanalysis makes the 2R-attack usable on LOKI91, which improves the performance of previous attacks. Furthermore, we carried out experimental attacks on 4-round LOKI91 and confirmed the effectiveness of our method.
© 1997 Springer-Verlag
About this paper
Cite this paper
Sakurai, K., Furuya, S. (1997). Improving linear cryptanalysis of LOKI91 by probabilistic counting method. In: Biham, E. (eds) Fast Software Encryption. FSE 1997. Lecture Notes in Computer Science, vol 1267. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0052340
DOI: https://doi.org/10.1007/BFb0052340
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-63247-4
Online ISBN: 978-3-540-69243-0
eBook Packages: Springer Book Archive