Abstract
The results of this paper give the theoretical fundaments on which Matsui's linear cryptanalysis of the DES is based. As a result we obtain precise information on the assumptions explicitely or implicitely stated in [2] and show that the success of Algorithm 2 is underestimated in [2]. We also derive a formula for the strength of Algorithm 2 for DES-like ciphers and see what is its dependence on the plaintext distribution. Finally, it is shown how to achieve proven resistance against linear cryptanalysis.
Chapter PDF
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
X. Lai, J. L. Massey, S. Murphy, Markov ciphers and differential cryptanalysis, Advances in Cryptology — EUROCRYPT'91, Lecture Notes in Computer Science 547, Springer-Verlag, 1992.
M. Matsui, Linear cryptanalysis method for DES cipher, in Advances in Cryptology — EUROCRYPT'93, Lecture Notes in Computer Science 765, Springer-Verlag, 1994, pp. 386–397.
K. Nyberg, Differentially uniform mappings for cryptography, ibidem, pp. 55–64
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nyberg, K. (1995). Linear approximation of block ciphers. In: De Santis, A. (eds) Advances in Cryptology — EUROCRYPT'94. EUROCRYPT 1994. Lecture Notes in Computer Science, vol 950. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0053460
Download citation
DOI: https://doi.org/10.1007/BFb0053460
Received:
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60176-0
Online ISBN: 978-3-540-44717-7
eBook Packages: Springer Book Archive