short-paper

How to search linear approximation for large non-surjective S-box

Authors:

Yue Sun,

Meiqin Wang,

Qiumei SunAuthors Info & Claims

ASIACCS '11: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security

Pages 459 - 465

https://doi.org/10.1145/1966913.1966979

Published: 22 March 2011 Publication History

Get Access

Abstract

Linear cryptanalysis is a general form of cryptanalysis based on identifying the linear approximations of a cipher. It is one of the two most widely used attacks on block ciphers. In order to resist the differential cryptanalysis, the S-box with large output bit number is applied in block cipher, for example CAST-128 and CAST-256 use the 8 × 32 S-boxes. In addition, the S-boxes are often constructed based on bent functions to resist the linear cryptanalysis and the S-boxes are non-surjective mapping. Therefore, for the large non-surjective S-box, to identify the best linear approximation with zero input mask and nonzero output mask is difficult due to the unaccepted computation time. In this paper, we will give an efficient computing method to find such best linear approximations for the non-surjective large S-boxes using parallel computation in practical time. This computing method can help to estimate the resistant property for some kind of linear cryptanalysis of block ciphers with this kind of S-box.

References

[1]

E. Biham and A. Shamir. Differential Cryptanalysis of DES-like Cryptosystems. Journal of Cryptology, vol.4, no.1, Springer-Verlag, pp. 3--72, 1991.

Digital Library

Google Scholar

[2]

Adams. C and Tavares. S. The CAST-128 Encryption Algorithm. RFC 2144, May 1997

Google Scholar

[3]

C. Adams and J. Gilchrist. The CAST-256 Encryption Algorithm. RFC 2612, June 1999.

Google Scholar

[4]

Bruce Schneier. The Blowfish Encryption Algorithm. Dr. Dobb's Journal, 19(4). pp. 38--40, April 1994.

Google Scholar

[5]

M. Wang, X. Wang and C. Hu. New Linear Cryptanalytic Results of Reduced-Round of CAST-128 and CAST-256. SAC 2009, LNCS 5867, Springer, pp. 429--441, 2009.

Digital Library

Google Scholar

[6]

D. Wagner. The Boomerang Attack. FSE 1999, LNCS 1636, Springer, pp. 156--170, 1999.

Digital Library

Google Scholar

[7]

Seki. H and Kaneko. T. Differential Cryptanalysis of CAST-256 Reduced to Nine Quad-rounds. Ieice Transactions on Fundamentals of Electronics Communication and Computer Sciences E84-A(4), pp. 913--918, 2001.

Google Scholar

[8]

Jorge Nakahara Jr and Mads Rasmussen. Linear Analysis of Reduced-round CAST-128 and CAST-256. SBSEG 2007, pp. 45--55, 2007.

Google Scholar

[9]

Matsui. M. Linear Cryptanalysis Method for DES Cipher. Adv. in Cryptology, Eurocrypt 1993, LNCS 765, Springer, pp. 386--397, 1994.

Digital Library

Google Scholar

Cited By

View all

Mohamed KPauzi MAli FAriffin S(2015)Linearity Test Framework for S-Box in Block Cipher2015 5th International Conference on IT Convergence and Security (ICITCS)10.1109/ICITCS.2015.7292993(1-5)Online publication date: Aug-2015
https://doi.org/10.1109/ICITCS.2015.7292993
Zhao JWang MWen L(2014)Improved Linear Cryptanalysis of CAST-256Journal of Computer Science and Technology10.1007/s11390-014-1496-829:6(1134-1139)Online publication date: 17-Nov-2014
https://doi.org/10.1007/s11390-014-1496-8

Index Terms

How to search linear approximation for large non-surjective S-box

Recommendations

New Linear Cryptanalytic Results of Reduced-Round of CAST-128 and CAST-256
Selected Areas in Cryptography

This paper presents a linear cryptanalysis for reduced round variants of CAST-128 and CAST-256 block ciphers. Compared with the linear relation of round function with the bias 2^-17 by J. Nakahara et al., we found the more heavily biased linear ...
A methodology for differential-linear cryptanalysis and its applications
FSE'12: Proceedings of the 19th international conference on Fast Software Encryption

In 1994 Langford and Hellman introduced a combination of differential and linear cryptanalysis under two default independence assumptions, known as differential-linear cryptanalysis, which is based on the use of a differential-linear distinguisher ...
Differential-Linear Cryptanalysis Revisited

The two main classes of statistical cryptanalysis are the linear and differential attacks. They have many variants and enhancements such as the multidimensional linear attacks and the truncated differential attacks. The idea of differential-linear ...

Comments

Information & Contributors

Information

Published In

ASIACCS '11: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security

March 2011

527 pages

ISBN:9781450305648

DOI:10.1145/1966913

General Chairs:
Bruce Cheung
The University of Hong Kong, China
,
Lucas Chi Kwong Hui
The University of Hong Kong, China
,
Program Chairs:
Ravi Sandhu
University of Texas, San Antonio
,
Duncan S. Wong
City University of Hong Kong, China

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 March 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Funding Sources

National Natural Science Foundation of China
Shandong Province
Ministry of Science and Technology of the People's Republic of China
Shandong University Initiative Scientific Research Program

Conference

ASIA CCS '11

Sponsor:

SIGSAC

ASIA CCS '11: 6th ACM Symposium on Information, Compuer and Communications Security

March 22 - 24, 2011

Hong Kong, China

Acceptance Rates

ASIACCS '11 Paper Acceptance Rate 35 of 217 submissions, 16%;

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
206
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)1

Reflects downloads up to 28 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Mohamed KPauzi MAli FAriffin S(2015)Linearity Test Framework for S-Box in Block Cipher2015 5th International Conference on IT Convergence and Security (ICITCS)10.1109/ICITCS.2015.7292993(1-5)Online publication date: Aug-2015
https://doi.org/10.1109/ICITCS.2015.7292993
Zhao JWang MWen L(2014)Improved Linear Cryptanalysis of CAST-256Journal of Computer Science and Technology10.1007/s11390-014-1496-829:6(1134-1139)Online publication date: 17-Nov-2014
https://doi.org/10.1007/s11390-014-1496-8

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

New Linear Cryptanalytic Results of Reduced-Round of CAST-128 and CAST-256

A methodology for differential-linear cryptanalysis and its applications

Differential-Linear Cryptanalysis Revisited

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations