Technical Report CS0813

TR#:CS0813
Class:CS
Title: ON MATSUI's LINEAR CRYPTANALYSIS.
Authors: E. Biham
PDFCS0813.pdf
Abstract:

In [9] Matsui introduced a new method of cryptanalysis called Linear Cryptanalysis. This method was used to attack DES using 2^{47} known plaintexts. In this paper we formalize this method and show that although in the details level this method is quite different from differential cryptanalysis, in the structural level that are very similar. For example, characteristics can be defined in linear cryptanalysis, but the concatenation rule has several important differences from the concatenation rule of differential cryptanalysis. We show that the attack of Davies on DES is closely related to linear cryptanalysis. We describe constraints on the size of S boxes caused by linear cryptanalysis. New results to Feal are also described.

CopyrightThe above paper is copyright by the Technion, Author(s), or others. Please contact the author(s) for more information

Remark: Any link to this technical report should be to this page (http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-info.cgi/1994/CS/CS0813), rather than to the URL of the PDF files directly. The latter URLs may change without notice.

To the list of the CS technical reports of 1994
To the main CS technical reports page

Computer science department, Technion
admin