Abstract
At FSE 2014, Blondeau et al. proposed an exact expression of the bias of differential-linear approximation and a multidimensional generalization of differential-linear distinguisher. In this paper, we study the application of the theory to concrete designs. We first propose a meet-in-the-middle style searching-and-estimating process. Then, we show that the capacity of a multiple differential distinguisher using χ 2 statistical test can be written as the summation of squared correlations of several differential-linear distinguishers. This link provides us with another approach to estimating the theoretical capacity of multiple differential distinguisher.
We apply the above methods to CTC2. CTC2 was designed by Courtois to show the strength of algebraic cryptanalysis on block ciphers. For CTC2 with a 255-bit block size and key, we give a multiple differential attack against 11-round version, which to our knowledge is the best with respect to the number of attacked rounds. Experimental results firmly verify the correctness of the proposed method. The attack itself, and its potential to be further extended, reveals that the resistance of CTC2 against statistical attacks may be much weaker than expected before.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Biham, E., Dunkelman, O., Keller, N.: Enhancing differential-linear cryptanalysis. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 254–266. Springer, Heidelberg (2002)
Biham, E., Shamir, A.: Differential cryptanalysis of des-like cryptosystems. Journal of Cryptology 4(1), 3–72 (1991)
Biham, E., Shamir, A.: Differential cryptanalysis of the full 16-round des. In: Brickell, E.F. (ed.) Advances in Cryptology - CRYPTO 1992. LNCS, vol. 740, pp. 487–496. Springer, Heidelberg (1993)
Blondeau, C., Gérard, B., Nyberg, K.: Multiple differential cryptanalysis using LLR and χ 2 statistics. In: Visconti, I., De Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 343–360. Springer, Heidelberg (2012)
Blondeau, C., Leander, G., Nyberg, K.: Differential-linear cryptanalysis revisited. In: FSE 2012. LNCS. Springer, Heidelberg (2014) (to appear)
Blondeau, C., Nyberg, K.: New links between differential and linear cryptanalysis. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 388–404. Springer, Heidelberg (2013)
Blondeau, C., Nyberg, K.: Links between truncated differential and multidimensional linear properties of block ciphers and underlying attack complexities. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 165–182. Springer, Heidelberg (2014)
Chabaud, F., Vaudenay, S.: Links between differential and linear cryptanalysis. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 356–365. Springer, Heidelberg (1995)
Cho, J.Y.: Linear cryptanalysis of reduced-round PRESENT. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 302–317. Springer, Heidelberg (2010)
Courtois, N.T.: Ctc2 and fast algebraic attacks on block ciphers revisisted. Tech. rep., Cryptology ePrint Archive, Report 2007/152 (2007), http://eprint.iacr.org
Dunkelman, O., Keller, N.: Cryptanalysis of CTC2. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 226–239. Springer, Heidelberg (2009)
Lallemand, V., Naya-Plasencia, M.: Cryptanalysis of klein. In: Fast Software Encryption (2014) (to appear)
Langford, S.K., Hellman, M.E.: Differential-linear cryptanalysis. In: Desmedt, Y.G. (ed.) Advances in Cryptology - CRYPTO 1994. LNCS, vol. 839, pp. 17–25. Springer, Heidelberg (1994)
Liu, Z., Gu, D., Zhang, J., Li, W.: Differential-multiple linear cryptanalysis. In: Bao, F., Yung, M., Lin, D., Jing, J. (eds.) Inscrypt 2009. LNCS, vol. 6151, pp. 35–49. Springer, Heidelberg (2010)
Lu, J.: A methodology for differential-linear cryptanalysis and its applications. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 69–89. Springer, Heidelberg (2012)
Lu, J.: A methodology for differential-linear cryptanalysis and its applications. In: Designs, Codes and Cryptography pp. 1–38 (2014)
Matsui, M.: Linear cryptanalysis method for des cipher. In: Helleseth, T. (ed.) Advances in Cryptology - EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)
Matsui, M., Yamagishi, A.: A new method for known plaintext attack of feal cipher. In: Rueppel, R.A. (ed.) Advances in Cryptology - EUROCRYPT 1992. LNCS, vol. 658, pp. 81–91. Springer, Heidelberg (1993)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Guo, C., Zhang, H., Lin, D. (2015). Estimating Differential-Linear Distinguishers and Applications to CTC2. In: Lopez, J., Wu, Y. (eds) Information Security Practice and Experience. ISPEC 2015. Lecture Notes in Computer Science(), vol 9065. Springer, Cham. https://doi.org/10.1007/978-3-319-17533-1_16
Download citation
DOI: https://doi.org/10.1007/978-3-319-17533-1_16
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17532-4
Online ISBN: 978-3-319-17533-1
eBook Packages: Computer ScienceComputer Science (R0)