Differential-Linear Cryptanalysis of FEAL-8 (Special Section on Cryptography and Information Security)
スポンサーリンク
概要
- 論文の詳細を見る
In CRYPTO'94, Langford and Hellman attacked DES reduced to 8-round in the chosen plaintext scenario by their "differential-linear cryptanalysis," which is a combination of differential cryptanalysis and linear cryptanalysis. In this paper, a historical review of differential-linear cryptanalysis, our formalization of differential-linear cryptanalysis, and the application of differential-linear cryptanalysis to FEAL-8 are presented. As a result, though the previous best method (differential cryptanalysis) required 128 chosen plaintexts, only 12 chosen plaintexts are sufficient, in computer experimentations, to attack FEAL-8.
- 社団法人電子情報通信学会の論文
- 1996-01-25
著者
-
AOKI Kazumaro
NTT Laboratories
-
Ohta Kazuo
Department Of Mathematics School Of Science And Engineering Waseda University
-
Ohta Kazuo
Department Of Informatics The University Of Electro-communications
関連論文
- Toward the Fair Anonymous Signatures : Deniable Ring Signatures(Signatures,Cryptography and Information Security)
- E2-A New 128-Bit Block Cipher(Special Section on Cryptography and Information Security)
- Extension of Secret Handshake Protocols with Multiple Groups in Monotone Condition
- Cryptanalysis of Two MD5-Based Authentication Protocols : APOP and NMAC
- Practical Password Recovery Attacks on MD4 Based Prefix and Hybrid Authentication Protocols
- Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
- A Strict Evaluation on the Number of Conditions for SHA-1 Collision Search
- New Message Differences for Collision Attacks on MD4 and MD5
- Improved Collision Attacks on MD4 and MD5(Hash Functions,Cryptography and Information Security)
- Universally composable client-to-client general authenticated key exchange (特集:情報システムを支えるコンピュータセキュリティ技術の再考)
- Strict Evaluation of the Maximum Average of Differential Probability and the Maximum Average of Linear Probability (Special Section on Cryptography and Information Security)
- Linear Cryptanalysis of FEAL (Special Section on Cryptography and Information Security)
- Key-Dependency of Linear Probability of RC5 (Special Section on Cryptography and Information Security)
- The Best Linear Expression Search of FEAL (Special Section on Cryptography and Information Security)
- On Clock-Based Fault Analysis Attack for an AES Hardware Using RSL
- Universally Composable Hierarchical Hybrid Authenticated Key Exchange(Protocols,Cryptography and Information Security)
- Optimized Software Implementations of E2(Special Section on Cryptography and Information Security)
- Improved Collision Search for Hash Functions : New Advanced Message Modification
- Probabilistic Multi-Signature Schemes Using a One-Way Trapdoor Permutation(Discrete Mathematics and Its Applications)
- Provably Secure Multisignatures in Formal Security Model and Their Optimality
- Power Analysis against a DPA-Resistant S-Box Implementation Based on the Fourier Transform
- Near-Collision Attacks on MD4 : Applied to MD4-Based Protocols
- Maurer-Yacobi ID-Based Key Distribution Revisited(Discrete Mathematics and Its Applications)
- Security of Cryptosystems Using Merkle-Damgard in the Random Oracle Model
- Visual Secret Sharing Schemes for Multiple Secret Images Allowing the Rotation of Shares(Discrete Mathematics and Its Applications)
- Ring signatures: universally composable definitions and constructions (特集:情報システムを支えるコンピュータセキュリティ技術の再考)
- The Best Differential Characteristic Search of FEAL (Special Section on Cryptography and Information Security)
- Practical Evaluation of Security against Generalized Interpolation Attack(Special Section on Cryptography and Information Security)
- Differential-Linear Cryptanalysis of FEAL-8 (Special Section on Cryptography and Information Security)
- Meet-in-the-Middle (Second) Preimage Attacks on Two Double-Branch Hash Functions RIPEMD and RIPEMD-128
- Toward Effective Countermeasures against an Improved Fault Sensitivity Analysis