Conference ProceedingsOPEN ACCESS

Improved upper bounds of differential and linear characteristic probability for camellia

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2002) 2365 128-142
DOI: 10.1007/3-540-45661-9_10
23Citations
Citations of this article
33Readers
Mendeley users who have this article in their library.
Get full text

Abstract

We discuss the security of the block cipher Camellia against differential attack and linear attack. The security of Camellia against these attacks has been evaluated by upper bounds of maximum differential characteristic probability (MDCP) and maximum linear characteristic probability (MLCP) calculated by the least numbers of active S-boxes which are found by a search method[2]. However, we found some truncated differential paths generated by the method have wrong properties. We show a new evaluation method for truncated differential and linear paths to discard such wrong paths by using linear equations systems and sets of nonzero conditions. By applying this technique to Camellia, we found tighter upper bounds of MDCP and MLCP for reduced-round Camellia. As a result, 10-round Camellia without FL/FL-1 has no differential and linear characteristic with probability higher than 2-128.

Cite

CITATION STYLE

APA

Shirai, T., Kanamaru, S., & Abe, G. (2002). Improved upper bounds of differential and linear characteristic probability for camellia. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2365, pp. 128–142). Springer Verlag. https://doi.org/10.1007/3-540-45661-9_10

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free