
Improved Linear Attacks on the Chinese Block Cipher Standard

  • Regular Paper
  • Journal of Computer Science and Technology

Abstract

The block cipher used in the Chinese Wireless LAN Standard (WAPI), SMS4, was recently renamed SM4 and became the block cipher standard issued by the Chinese government. This paper gives a method for finding linear approximations of SMS4. With this method, 19-round one-dimensional linear approximations are obtained and used to improve the previous linear cryptanalysis of SMS4. The 19-round approximations hold with bias 2^{-62.27}; we use one of them to mount a linear attack on 23-round SMS4. Our attack improves on the previous 23-round attacks by reducing the time complexity. Furthermore, the data complexity of our attack is further reduced by the multidimensional linear approach.



Author information

Corresponding author

Correspondence to Ming-Jie Liu.

Additional information

This work was supported by the National Basic Research 973 Program of China under Grant Nos. 2013CB834201 and 2013CB834205, the Postdoctoral Science Foundation of China under Grant No. 2013M540786, and the National Natural Science Foundation of China under Grant Nos. 61202493 and 61103237.

Electronic supplementary material

ESM 1 (PDF 109 kb)

About this article

Cite this article

Liu, MJ., Chen, JZ. Improved Linear Attacks on the Chinese Block Cipher Standard. J. Comput. Sci. Technol. 29, 1123–1133 (2014). https://doi.org/10.1007/s11390-014-1495-9
