Improved Parameter Estimates for Correlation and Capacity Deviates in Linear Cryptanalysis

dc.contributor: Aalto-yliopisto (fi)
dc.contributor: Aalto University (en)
dc.contributor.author: Blondeau, Celine
dc.contributor.author: Nyberg, Kaisa
dc.contributor.department: Department of Computer Science
dc.date.accessioned: 2017-03-23T11:16:43Z
dc.date.available: 2017-03-23T11:16:43Z
dc.date.issued: 2017
dc.description.abstract: Statistical attacks form an important class of attacks against block ciphers. By analyzing the distribution of the statistic involved in the attack, cryptanalysts aim to give a good estimate of the data complexity of the attack. Recently, several papers have addressed how to improve the accuracy of the estimated success probability of linear key-recovery attacks. In particular, the effect of the key on the distribution of the sample correlation and capacity has been investigated and new statistical models developed. The major problem that remains open is how to obtain accurate estimates of the mean and variance of the correlation and capacity. In this paper, we start by presenting a solution for a linear approximation whose linear hull comprises a number of strong linear characteristics. We then generalize this approach to multiple and multidimensional linear cryptanalysis and derive estimates of the variance of the test statistic. Our simplest estimate can be computed from the number of strong linear approximations involved in the offline analysis and the resulting estimate of the capacity. Experiments on SMALLPRESENT-[4] show that the accuracy of the estimated variance is significantly improved. As an application, we give more realistic estimates of the success probability of Cho's multidimensional linear attack on 26 rounds of PRESENT. (en)
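The abstract talks about the correlation of a linear approximation, its key dependence, the sample correlation an attacker computes from N known plaintexts, and the capacity of a multiple or multidimensional approximation. The following simulation, added here as an illustration and not code from the paper, makes those quantities concrete on a toy SPN: it enumerates the full codebook to get the exact key-dependent correlation c_K(u, v), draws the sample correlation from N distinct known plaintexts, sums squared correlations into a capacity, and measures the empirical mean and variance of c_K(u, v) over random keys (the quantities the paper estimates analytically; the paper's own estimates are not reproduced since the record gives no formulas). The S-box is the real PRESENT S-box; the 8-bit block, 4 rounds, independent round keys, the scaled bit permutation and the masks in the demo are assumptions chosen so the whole codebook is cheap to enumerate.

```python
# Added illustration: key-dependent correlation and capacity on a toy PRESENT-like SPN.
# Not the paper's code. Only the S-box is PRESENT's; block size, rounds, permutation,
# key schedule and masks are assumptions of this toy.
import random

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]   # real PRESENT S-box
BLOCK_BITS = 8                                      # toy block size (assumption)
NUM_SBOXES = BLOCK_BITS // 4
ROUNDS = 4                                          # toy round count (assumption)
CODEBOOK_SIZE = 1 << BLOCK_BITS


def _pbit(i):
    # PRESENT-style bit permutation scaled to BLOCK_BITS: bit i -> i*NUM_SBOXES mod (n-1),
    # last bit fixed. gcd(NUM_SBOXES, BLOCK_BITS-1) == 1, so this is a permutation.
    return i if i == BLOCK_BITS - 1 else (i * NUM_SBOXES) % (BLOCK_BITS - 1)


PERM = [_pbit(i) for i in range(BLOCK_BITS)]


def sbox_layer(x):
    y = 0
    for j in range(NUM_SBOXES):
        y |= SBOX[(x >> (4 * j)) & 0xF] << (4 * j)
    return y


def perm_layer(x):
    y = 0
    for i in range(BLOCK_BITS):
        if (x >> i) & 1:
            y |= 1 << PERM[i]
    return y


def encrypt(x, round_keys):
    """ROUNDS rounds of key XOR, S-box layer, bit permutation, then a whitening key.
    round_keys has ROUNDS + 1 entries (toy 'independent round keys' schedule)."""
    for k in round_keys[:-1]:
        x = perm_layer(sbox_layer(x ^ k))
    return x ^ round_keys[-1]


def codebook(round_keys):
    """Ciphertext of every plaintext under one key; list index = plaintext."""
    return [encrypt(x, round_keys) for x in range(CODEBOOK_SIZE)]


def parity(v):
    return bin(v).count("1") & 1


def exact_correlation(book, u, v):
    """c_K(u, v) = 2^-n * sum_x (-1)^(u.x xor v.E_K(x)) over the full codebook:
    the key-dependent hull correlation whose mean/variance the paper estimates."""
    acc = 0
    for x, y in enumerate(book):
        acc += 1 - 2 * (parity(u & x) ^ parity(v & y))
    return acc / CODEBOOK_SIZE


def sample_correlation(pairs, u, v):
    """The statistic an attacker computes from N known (plaintext, ciphertext) pairs."""
    acc = 0
    for x, y in pairs:
        acc += 1 - 2 * (parity(u & x) ^ parity(v & y))
    return acc / len(pairs)


def distinct_known_plaintexts(round_keys, n, seed=0):
    """N distinct known plaintexts (sampling without replacement), the
    'distinct known plaintext' setting named in the keywords."""
    xs = random.Random(seed).sample(range(CODEBOOK_SIZE), n)
    return [(x, encrypt(x, round_keys)) for x in xs]


def capacity(book, masks):
    """Capacity of a multiple/multidimensional approximation: sum of squared correlations."""
    return sum(exact_correlation(book, u, v) ** 2 for u, v in masks)


def key_statistics(u, v, num_keys, seed=0):
    """Empirical mean and variance of c_K(u, v) over random keys, i.e. the key
    dependence that the statistical models in the abstract account for."""
    rng = random.Random(seed)
    cs = []
    for _ in range(num_keys):
        keys = [rng.randrange(CODEBOOK_SIZE) for _ in range(ROUNDS + 1)]
        cs.append(exact_correlation(codebook(keys), u, v))
    mean = sum(cs) / len(cs)
    var = sum((c - mean) ** 2 for c in cs) / len(cs)
    return mean, var


if __name__ == "__main__":
    u, v = 0x21, 0x84                              # example masks (assumption)
    mean, var = key_statistics(u, v, num_keys=128, seed=1)
    print(f"c_K({u:#04x},{v:#04x}) over 128 keys: mean={mean:+.4f} var={var:.6f}")
    keys = [0x3C, 0xA5, 0x5A, 0xC3, 0x0F]          # one fixed key (assumption)
    book = codebook(keys)
    est = sample_correlation(distinct_known_plaintexts(keys, 64, seed=2), u, v)
    print(f"fixed key: exact c={exact_correlation(book, u, v):+.4f}, N=64 sample c={est:+.4f}")
    (u1, v1), (u2, v2) = (0x21, 0x84), (0x02, 0x40)   # 2-dim approximation: span minus zero
    print(f"capacity: {capacity(book, [(u1, v1), (u2, v2), (u1 ^ u2, v1 ^ v2)]):.6f}")
```

Two sanity checks worth keeping in mind when adapting this: for a bijective cipher the squared correlations over all output masks for a fixed input mask sum to 1 (Parseval), which catches a broken permutation layer, and with N equal to the full codebook the sample correlation must equal the exact one. The empirical variance from key_statistics is what the paper's analytical variance estimates should be compared against, with a real cipher replacing the toy.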
dc.description.version: Peer reviewed (en)
dc.format.extent: 30
dc.format.extent: 162-191
dc.format.mimetype: application/pdf
dc.identifier.citation: Blondeau, C. & Nyberg, K. 2017, 'Improved Parameter Estimates for Correlation and Capacity Deviates in Linear Cryptanalysis', IACR Transactions on Symmetric Cryptology, vol. 2016, no. 2, pp. 162-191. https://doi.org/10.13154/tosc.v2016.i2.162-191 (en)
dc.identifier.doi: 10.13154/tosc.v2016.i2.162-191
dc.identifier.issn: 2519-173X
dc.identifier.other: PURE UUID: 74cb5745-f9ce-4417-928b-6747df7dfd02
dc.identifier.other: PURE ITEMURL: https://research.aalto.fi/en/publications/74cb5745-f9ce-4417-928b-6747df7dfd02
dc.identifier.other: PURE FILEURL: https://research.aalto.fi/files/11520224/570_1544_1_SM.pdf
dc.identifier.uri: https://aaltodoc.aalto.fi/handle/123456789/24901
dc.identifier.urn: URN:NBN:fi:aalto-201703233144
dc.language.iso: en (en)
dc.relation.ispartofseries: IACR Transactions on Symmetric Cryptology (en)
dc.relation.ispartofseries: Volume 2016, issue 2 (en)
dc.rights: openAccess (en)
dc.subject.keyword: block cipher
dc.subject.keyword: linear cryptanalysis
dc.subject.keyword: key-recovery attack
dc.subject.keyword: multidimensional linear attack
dc.subject.keyword: multiple linear attack
dc.subject.keyword: key-dependency
dc.subject.keyword: correlation
dc.subject.keyword: capacity
dc.subject.keyword: known plaintext
dc.subject.keyword: distinct known plaintext
dc.subject.keyword: statistical model
dc.title: Improved Parameter Estimates for Correlation and Capacity Deviates in Linear Cryptanalysis (en)
dc.type: A1 Original research article in a scientific journal (translated from fi)