Improving linear cryptanalysis of LOKI91 by probabilistic counting method

Kouichi Sakurai, Souichi Furuya

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Citations (Scopus)

Abstract

We improve linear cryptanalysis by introducing a technique of probabilistic counting into the maximum likelihood stage. In the original linear cryptanalysis based on maximum likelihood method with deterministic counting, the number of effective key and text bits is a multiple of the number of bit involved in the input to some S-box. Then, when larger S-boxes are used, 2R-method and even the 1R-methods can become impractical just because the number of effective text and key bits become excessive. Though 2R-method is practical for attacking DES, existing examples of ciphers where 2R-method is impractical include LOKI91. We overcome this problem by selecting a part of the effective key bits and investigating the probabilistic behavior of the remained effective key bits. The previous attacks discusses deterministic evaluation of the given approximated formula only when all values of the effective text/key bits are known, while we compute the probability that the approximated formula with unknown inputs equals to zero. This extension of linear cryptanalysis make useful for 2R-attack on LOKI91, then improves the performance of previous attacks. Furthermore, we implemented some experiments of attacks on 4-round LOKI91, and confirmed the effectiveness of our method.

Original languageEnglish
Title of host publicationFast Software Encryption - 4th International Workshop, FSE 1997, Proceedings
EditorsEli Biham
PublisherSpringer Verlag
Pages114-133
Number of pages20
ISBN (Print)3540632476, 9783540632474
Publication statusPublished - Jan 1 1997
Event4th International Workshop on Fast Software Encryption, FSE 1997 - Haifa, Israel
Duration: Jan 20 1997Jan 22 1997

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume1267
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other4th International Workshop on Fast Software Encryption, FSE 1997
CountryIsrael
CityHaifa
Period1/20/971/22/97

Fingerprint

Linear Cryptanalysis
Counting
Attack
S-box
Maximum likelihood
Unknown Inputs
Maximum Likelihood Method
Maximum Likelihood
Evaluation
Zero
Experiment
Text

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Sakurai, K., & Furuya, S. (1997). Improving linear cryptanalysis of LOKI91 by probabilistic counting method. In E. Biham (Ed.), Fast Software Encryption - 4th International Workshop, FSE 1997, Proceedings (pp. 114-133). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 1267). Springer Verlag.

Improving linear cryptanalysis of LOKI91 by probabilistic counting method. / Sakurai, Kouichi; Furuya, Souichi.

Fast Software Encryption - 4th International Workshop, FSE 1997, Proceedings. ed. / Eli Biham. Springer Verlag, 1997. p. 114-133 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 1267).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Sakurai, K & Furuya, S 1997, Improving linear cryptanalysis of LOKI91 by probabilistic counting method. in E Biham (ed.), Fast Software Encryption - 4th International Workshop, FSE 1997, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 1267, Springer Verlag, pp. 114-133, 4th International Workshop on Fast Software Encryption, FSE 1997, Haifa, Israel, 1/20/97.
Sakurai K, Furuya S. Improving linear cryptanalysis of LOKI91 by probabilistic counting method. In Biham E, editor, Fast Software Encryption - 4th International Workshop, FSE 1997, Proceedings. Springer Verlag. 1997. p. 114-133. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
Sakurai, Kouichi ; Furuya, Souichi. / Improving linear cryptanalysis of LOKI91 by probabilistic counting method. Fast Software Encryption - 4th International Workshop, FSE 1997, Proceedings. editor / Eli Biham. Springer Verlag, 1997. pp. 114-133 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{d2688e99a71442d5810594c0aba14d89,
title = "Improving linear cryptanalysis of LOKI91 by probabilistic counting method",
abstract = "We improve linear cryptanalysis by introducing a technique of probabilistic counting into the maximum likelihood stage. In the original linear cryptanalysis based on maximum likelihood method with deterministic counting, the number of effective key and text bits is a multiple of the number of bit involved in the input to some S-box. Then, when larger S-boxes are used, 2R-method and even the 1R-methods can become impractical just because the number of effective text and key bits become excessive. Though 2R-method is practical for attacking DES, existing examples of ciphers where 2R-method is impractical include LOKI91. We overcome this problem by selecting a part of the effective key bits and investigating the probabilistic behavior of the remained effective key bits. The previous attacks discusses deterministic evaluation of the given approximated formula only when all values of the effective text/key bits are known, while we compute the probability that the approximated formula with unknown inputs equals to zero. This extension of linear cryptanalysis make useful for 2R-attack on LOKI91, then improves the performance of previous attacks. Furthermore, we implemented some experiments of attacks on 4-round LOKI91, and confirmed the effectiveness of our method.",
author = "Kouichi Sakurai and Souichi Furuya",
year = "1997",
month = "1",
day = "1",
language = "English",
isbn = "3540632476",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "114--133",
editor = "Eli Biham",
booktitle = "Fast Software Encryption - 4th International Workshop, FSE 1997, Proceedings",
address = "Germany",

}

TY - GEN

T1 - Improving linear cryptanalysis of LOKI91 by probabilistic counting method

AU - Sakurai, Kouichi

AU - Furuya, Souichi

PY - 1997/1/1

Y1 - 1997/1/1

N2 - We improve linear cryptanalysis by introducing a technique of probabilistic counting into the maximum likelihood stage. In the original linear cryptanalysis based on maximum likelihood method with deterministic counting, the number of effective key and text bits is a multiple of the number of bit involved in the input to some S-box. Then, when larger S-boxes are used, 2R-method and even the 1R-methods can become impractical just because the number of effective text and key bits become excessive. Though 2R-method is practical for attacking DES, existing examples of ciphers where 2R-method is impractical include LOKI91. We overcome this problem by selecting a part of the effective key bits and investigating the probabilistic behavior of the remained effective key bits. The previous attacks discusses deterministic evaluation of the given approximated formula only when all values of the effective text/key bits are known, while we compute the probability that the approximated formula with unknown inputs equals to zero. This extension of linear cryptanalysis make useful for 2R-attack on LOKI91, then improves the performance of previous attacks. Furthermore, we implemented some experiments of attacks on 4-round LOKI91, and confirmed the effectiveness of our method.

AB - We improve linear cryptanalysis by introducing a technique of probabilistic counting into the maximum likelihood stage. In the original linear cryptanalysis based on maximum likelihood method with deterministic counting, the number of effective key and text bits is a multiple of the number of bit involved in the input to some S-box. Then, when larger S-boxes are used, 2R-method and even the 1R-methods can become impractical just because the number of effective text and key bits become excessive. Though 2R-method is practical for attacking DES, existing examples of ciphers where 2R-method is impractical include LOKI91. We overcome this problem by selecting a part of the effective key bits and investigating the probabilistic behavior of the remained effective key bits. The previous attacks discusses deterministic evaluation of the given approximated formula only when all values of the effective text/key bits are known, while we compute the probability that the approximated formula with unknown inputs equals to zero. This extension of linear cryptanalysis make useful for 2R-attack on LOKI91, then improves the performance of previous attacks. Furthermore, we implemented some experiments of attacks on 4-round LOKI91, and confirmed the effectiveness of our method.

UR - http://www.scopus.com/inward/record.url?scp=84943147885&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84943147885&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84943147885

SN - 3540632476

SN - 9783540632474

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 114

EP - 133

BT - Fast Software Encryption - 4th International Workshop, FSE 1997, Proceedings

A2 - Biham, Eli

PB - Springer Verlag

ER -