The Security of an RDES Cryptosystem against Linear Cryptanalysis (Special Section on Cryptography and Information Security)
スポンサーリンク
概要
- 論文の詳細を見る
RDES cryptosystem is an n-round DES in which an probabilistic swapping is added onto the right half of the input in each round. It is more effective than a simple increase of DES rounds for a countermeasure against differential attack. In this paper, we show that the RDES is also effective against linear cryptanalysis. We applied Matsui's search algorithm to find the best expression for RDES-1 and RDES-2. The results are as follows: (a) The 16-round RDES-1 is approximately as strong as a 22-round DES, and the 16-round RDES-2 is approximately as strong as a 29-round DES. (b) Linear cryptanalysis for a 16-round RDES-1 and a 16-round RDES-2 requires more than 2^<64> known-plaintexts.
- 社団法人電子情報通信学会の論文
- 1996-01-25
著者
-
Kaneko Toshinobu
Science University of Tokyo
-
Nakao Yasushi
Faculty Of Science And Technology Science University Of Tokyo:japan Ground Self-defence Force
-
KANEKO Toshinobu
Faculty of Science and Technology, Science University of Tokyo
-
KOYAMA Kenji
NTT Communication Science Laboratories
-
TERADA Routo
Dept. of Computer Science, University of Sao Paulo
-
Terada R
The Author Is With University Of Sao Paulo
-
Kaneko T
Sci. Univ. Tokyo Chiba Jpn
-
Kaneko T
Tokyo Univ. Sci. Noda‐shi Jpn
-
Kaneko Toshinobu
Faculty Of Science And Technology Tokyo Univeristy Of Science
-
Koyama K
Graduate School Of Engineering Shizuoka University
-
Kaneko Toshinobu
Faculty Of Science And Technology Science University Of Tokyo
関連論文
- Linear Cryptanalysis by Linear Sieve Method (Special Section on Cryptography and Information Security)
- FOREWORD (Special Section on Cryptography and Information Security)
- The Security of an RDES Cryptosystem against Linear Cryptanalysis (Special Section on Cryptography and Information Security)
- A MAC Forgery Attack on SOBER-128(Discrete Mathematics and Its Applications)
- Special Section on Cryptography and Information Security
- Evaluation of Performance of TCP on Mobile IP SHAKE(Selected Papers from ICMU 2004(First International Conference on Mobile Computing and Ubiquitous Networking))
- Demonstrating Possession without Revealing Factors (Special Section on Cryptography and Information Security)
- Two Discrete Log Algorithms for Super-Anomalous Elliptic Curves and Their Applications(Special Section on Cryptography and Information Security)
- Cryptographic Works of Dr. Kenji Koyama: In Memoria : Special Section on Cryptography and Information Security
- Efficient Cryptosystems over Elliptic Curves Based on a Product of Form-Free Primes (Special Section on Information Theory and Its Applications)
- A New RSA-Type Scheme Based on Singular Cubic Curves y^2≡x^3+bx^2 (mod n)
- Dynamic Swapping Schemes and Differential Cryptanalysis (Special Section on Information Theory and Its Applications)
- An Efficient Interpolation Attack(Special Section on Cryptography and Information Security)
- Optimized Linear Attack against Stream Ciphers of Pseudo Random Number Generators Using Non-linear Combiner (特集:新たな脅威に立ち向かうコンピュータセキュリティ技術)
- A New Version of FEAL, Stronger against Differential Cryptanalysis (Special Section on Cryptography and Information Security)
- A New RSA-Type Scheme Based on Singular Cubic Curves (y-αx)(y-βx )≡x^3 (mod n) (Special Section on Cryptography and Information Security)
- Improved Higher Order Differential Attack and Its Application to Nyberg-Knudsen's Designed Block Cipher
- Fast Exponentiation Algorithms Based on Batch-Processing and Precomputation (Special Section on Cryptography and Information Security)
- A Signed Binary Window Method for Fast Computing over Elliptic Curves (Special Section on Cryptography and Information Security)
- Elliptic Curve Cryptosystems and Their Applications
- Special Section on Information Theory and Its Applications
- Diffretial Cryptanalysis of CAST-256 Reduced to Nine Quad-Rounds(Special Section on Fundamentals of Information and Communications)
- On the Solutions of the Diophantine Equation x^3+y^3+z^3=n
- How to Strengthen DES-like Cryptosystems against Differential Cryptanalysis (Special Section on Cryptography and Information Security)
- Improved Elliptic Curve Methods for Factoring and Their Performance (Special Section on Cryptography and Information Security)