  • Wenqin Cao, Wentao Zhang. Affine linear cryptanalysis of block cipher[J]. Journal of Cyber Security, accepted.
Affine linear cryptanalysis of block cipher
Wenqin Cao, Wentao Zhang
(State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China)
Affine linear cryptanalysis is a new variant of the multidimensional linear cryptanalysis method for block ciphers. Multidimensional linear cryptanalysis uses all nonzero linear approximations in a multidimensional linear subspace, whereas affine linear cryptanalysis discards a whole half-space of linear approximations that contributes little or nothing to multidimensional linear cryptanalysis, and extracts information only from the retained affine subspace to construct a more effective test statistic for attacking block ciphers. To further improve the efficiency of the attack, Nyberg conjectured that, after discarding the terms of the affine statistic with low scores, the sum of the remaining terms is also a statistic that follows a chi-square distribution. This paper proves that the conjecture is correct and gives a method for applying it. The PRESENT and Serpent algorithms are used to verify the validity of the model. Using the model, we perform 26-round and 27-round key recovery attacks against PRESENT, and analyze the data complexity of affine linear cryptanalysis on 4-round Serpent.
Key words: multidimensional linear cryptanalysis; affine linear cryptanalysis; PRESENT