Provable security of block ciphers against linear cryptanalysis: a mission impossible?
Authors: Gilles Piret (1), François-Xavier Standaert (2)
Institutions: (1) Oberthur Card Systems, Nanterre, France; (2) Microelectronics Laboratory, UCL Crypto Group, Louvain-la-Neuve, Belgium
Abstract: In this paper we are concerned with the security of block ciphers against linear cryptanalysis, and we discuss the distance between the so-called practical security approach (bounding the probability of the best linear characteristic) and the actual theoretical security provided by a given cipher (which depends on the linear probability of the whole linear hull, i.e. of all characteristics sharing the same input and output masks). For this purpose we present a number of illustrative experiments performed on small (i.e. computationally tractable) ciphers. We compare the linear probability of the best linear characteristic with the actual best linear probability (averaged over all keys). We also test the key equivalence hypothesis. Our experiments illustrate both that provable security against linear cryptanalysis is not achieved by present design strategies and that the practical security approach remains relevant. Finally, we discuss the (im)possibility of deriving actual design criteria from the intuitions highlighted by these experiments.

F.-X. Standaert is a Postdoctoral Researcher of the Belgian Fund for Scientific Research (FNRS).
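The following is an added worked example and not code from the paper: it runs the experiment described in the abstract on a constructed 8-bit key-alternating SPN (two rounds, each applying the PRESENT S-box to both nibbles followed by a bit permutation, with a round key XORed before, between and after the rounds). Everything except the PRESENT S-box is an assumption made for the demonstration: the permutation PERM, the output mask B_MASK and all function names. For the fixed output mask it picks the input mask with the largest linear hull, enumerates every two-round characteristic a -> v -> b, and compares the linear probability (LP) of the best characteristic, the sum of the characteristics' LPs (the hull), and the actual LP obtained by enumerating all plaintexts separately for every key. Because the outer round keys only flip the sign of the correlation, averaging over the inner key k1 is an exact average over all 2^24 keys.

```python
# Added example (not from the paper): the abstract's experiment on a constructed
# 8-bit key-alternating SPN, small enough to enumerate every key and plaintext.
#   E(x) = k2 ^ R(k1 ^ R(k0 ^ x)),  R = bit permutation after two 4-bit S-boxes
# S-box: the PRESENT S-box. PERM and B_MASK are arbitrary choices for the demo.

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
PERM = [0, 2, 4, 6, 1, 3, 5, 7]   # bit i of the S-layer output moves to bit PERM[i]
B_MASK = 0x28                     # output mask used by the experiment (arbitrary)


def parity(x):
    return bin(x).count("1") & 1


def permute(y):
    return sum(((y >> i) & 1) << PERM[i] for i in range(8))


def unpermute(v):
    # Mask transport through P: v . P(y) == unpermute(v) . y for every y.
    return sum(((v >> PERM[i]) & 1) << i for i in range(8))


ROUND = [permute(SBOX[x & 0xF] | (SBOX[x >> 4] << 4)) for x in range(256)]
UNPERM = [unpermute(v) for v in range(256)]


def encrypt(x, k0, k1, k2):
    return ROUND[ROUND[x ^ k0] ^ k1] ^ k2


def correlation(table, a, b):
    """c(a, b) = 2^-n * sum_x (-1)^(a.x xor b.F(x)); LP = c^2, bias = c / 2."""
    n = len(table)
    return sum(1 - 2 * parity((a & x) ^ (b & table[x])) for x in range(n)) / n


# Linear approximation table of the S-box, stored as correlations.
LAT = [[correlation(SBOX, a, b) for b in range(16)] for a in range(16)]


def round_corr(a, v):
    """Correlation of R between masks a and v: the S-layer factors over the two
    S-boxes, and the bit permutation only relabels the output mask."""
    u = UNPERM[v]
    return LAT[a & 0xF][u & 0xF] * LAT[a >> 4][u >> 4]


def trails(a, b):
    """Every two-round linear characteristic a -> v -> b with nonzero correlation."""
    out = {}
    for v in range(256):
        c = round_corr(a, v) * round_corr(v, b)
        if c:
            out[v] = c
    return out


def hull_corr_for_key(tr, k1):
    """Hull prediction for middle key k1: each trail's sign is (-1)^(v . k1).
    k0 and k2 only flip the sign of the whole sum, so LP depends on k1 alone."""
    return sum((1 - 2 * parity(v & k1)) * c for v, c in tr.items())


def corr_by_key(a, b):
    """Exact correlation for every middle key, by enumerating all plaintexts."""
    return [correlation([encrypt(x, 0, k1, 0) for x in range(256)], a, b)
            for k1 in range(256)]


def lp_with_keys(a, b, k0, k1, k2):
    return correlation([encrypt(x, k0, k1, k2) for x in range(256)], a, b) ** 2


def pick_input_mask(b):
    """Input mask whose hull has the largest key-averaged LP for output mask b."""
    return max(range(1, 256),
               key=lambda a: sum(c * c for c in trails(a, b).values()))


def experiment(a, b):
    tr = trails(a, b)
    corrs = corr_by_key(a, b)
    lps = [c * c for c in corrs]
    return {
        "a": a, "b": b, "trails": len(tr),
        "best_trail_lp": max((c * c for c in tr.values()), default=0.0),  # practical security
        "hull_lp": sum(c * c for c in tr.values()),            # sum over the hull
        "key_averaged_lp": sum(lps) / len(lps),                # actual LP, averaged over keys
        "min_lp": min(lps), "max_lp": max(lps),                # key equivalence check
        "max_key_error": max(abs(corrs[k] - hull_corr_for_key(tr, k))
                             for k in range(256)),
    }


if __name__ == "__main__":
    r = experiment(pick_input_mask(B_MASK), B_MASK)
    print(f"masks a={r['a']:#04x} b={r['b']:#04x}, {r['trails']} trails in the hull")
    print(f"best characteristic LP {r['best_trail_lp']:.6f}  vs  hull LP {r['hull_lp']:.6f}")
    print(f"key-averaged LP {r['key_averaged_lp']:.6f}, per-key LP ranges "
          f"{r['min_lp']:.6f} .. {r['max_lp']:.6f}")
```

Running the block prints the three quantities the abstract compares. The key-averaged LP equals the hull sum, which exceeds the best-characteristic LP whenever more than one characteristic contributes, and the per-key minimum and maximum show how far the key equivalence hypothesis is from holding for this pair of masks. The paper's experiments make the same comparison for the best input/output mask pair rather than for one fixed output mask, which is the tractability trade-off made here.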
Keywords: Symmetric cryptography; Block ciphers; Linear cryptanalysis
This paper is indexed in SpringerLink and other databases.