Statistical Model of Correlation Difference and Related-Key Linear Cryptanalysis
The goal of this work is to propose a related-key model for linear cryptanalysis. We start by giving the mean and variance of the difference of sampled correlations of two Boolean functions when using the same sample of inputs to compute both correlations. This result is further extended to determi...
Guardado en:
| Autor principal: | |
|---|---|
| Formato: | article |
| Lenguaje: | EN |
| Publicado: |
Ruhr-Universität Bochum
2021
|
| Materias: | |
| Acceso en línea: | https://doaj.org/article/88fc87ecc6ba463cb165ec33d49fd73c |
| Etiquetas: |
Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
| id |
oai:doaj.org-article:88fc87ecc6ba463cb165ec33d49fd73c |
|---|---|
| record_format |
dspace |
| spelling |
oai:doaj.org-article:88fc87ecc6ba463cb165ec33d49fd73c2021-12-03T14:38:29ZStatistical Model of Correlation Difference and Related-Key Linear Cryptanalysis10.46586/tosc.v2021.i4.124-1372519-173Xhttps://doaj.org/article/88fc87ecc6ba463cb165ec33d49fd73c2021-12-01T00:00:00Zhttps://tosc.iacr.org/index.php/ToSC/article/view/9331https://doaj.org/toc/2519-173X The goal of this work is to propose a related-key model for linear cryptanalysis. We start by giving the mean and variance of the difference of sampled correlations of two Boolean functions when using the same sample of inputs to compute both correlations. This result is further extended to determine the mean and variance of the difference of correlations of a pair of Boolean functions taken over a random data sample of fixed size and over a random pair of Boolean functions. We use the properties of the multinomial distribution to achieve these results without independence assumptions. Using multivariate normal approximation of the multinomial distribution we obtain that the distribution of the difference of related-key correlations is approximately normal. This result is then applied to existing related-key cryptanalyses. We obtain more accurate right-key and wrong-key distributions and remove artificial assumptions about independence of sampled correlations. We extend this study to using multiple linear approximations and propose a Χ2-type statistic, which is proven to be Χ2 distributed if the linear approximations are independent. We further examine this statistic for multidimensional linear approximation and discuss why removing the assumption about independence of linear approximations does not work in the related-key setting the same way as in the single-key setting. Kaisa NybergRuhr-Universität Bochumarticleblock cipherlinear cryptanalysisrelated-key attackstatistical modelComputer engineering. Computer hardwareTK7885-7895ENIACR Transactions on Symmetric Cryptology, Vol 2021, Iss 4 (2021) |
| institution |
DOAJ |
| collection |
DOAJ |
| language |
EN |
| topic |
block cipher linear cryptanalysis related-key attack statistical model Computer engineering. Computer hardware TK7885-7895 |
| spellingShingle |
block cipher linear cryptanalysis related-key attack statistical model Computer engineering. Computer hardware TK7885-7895 Kaisa Nyberg Statistical Model of Correlation Difference and Related-Key Linear Cryptanalysis |
| description |
The goal of this work is to propose a related-key model for linear cryptanalysis. We start by giving the mean and variance of the difference of sampled correlations of two Boolean functions when using the same sample of inputs to compute both correlations. This result is further extended to determine the mean and variance of the difference of correlations of a pair of Boolean functions taken over a random data sample of fixed size and over a random pair of Boolean functions. We use the properties of the multinomial distribution to achieve these results without independence assumptions. Using multivariate normal approximation of the multinomial distribution we obtain that the distribution of the difference of related-key correlations is approximately normal. This result is then applied to existing related-key cryptanalyses. We obtain more accurate right-key and wrong-key distributions and remove artificial assumptions about independence of sampled correlations. We extend this study to using multiple linear approximations and propose a Χ2-type statistic, which is proven to be Χ2 distributed if the linear approximations are independent. We further examine this statistic for multidimensional linear approximation and discuss why removing the assumption about independence of linear approximations does not work in the related-key setting the same way as in the single-key setting.
|
| format |
article |
| author |
Kaisa Nyberg |
| author_facet |
Kaisa Nyberg |
| author_sort |
Kaisa Nyberg |
| title |
Statistical Model of Correlation Difference and Related-Key Linear Cryptanalysis |
| title_short |
Statistical Model of Correlation Difference and Related-Key Linear Cryptanalysis |
| title_full |
Statistical Model of Correlation Difference and Related-Key Linear Cryptanalysis |
| title_fullStr |
Statistical Model of Correlation Difference and Related-Key Linear Cryptanalysis |
| title_full_unstemmed |
Statistical Model of Correlation Difference and Related-Key Linear Cryptanalysis |
| title_sort |
statistical model of correlation difference and related-key linear cryptanalysis |
| publisher |
Ruhr-Universität Bochum |
| publishDate |
2021 |
| url |
https://doaj.org/article/88fc87ecc6ba463cb165ec33d49fd73c |
| work_keys_str_mv |
AT kaisanyberg statisticalmodelofcorrelationdifferenceandrelatedkeylinearcryptanalysis |
| _version_ |
1718373160210923520 |