New linear cryptanalytic results of reduced-round of CAST-128 and CAST-256


Abstract

This paper presents a linear cryptanalysis for reduced round variants of CAST-128 and CAST-256 block ciphers. Compared with the linear relation of round function with the bias $2^{-17}$ by J. Nakahara et al., we found the more heavily biased linear approximations for 3 round functions and the highest one is $2^{-12.91}$. We can mount the known-plaintext attack on 6-round CAST-128 and the ciphertext-only attack on 4-round CAST-128. Moreover the known-plaintext attack on 24-round CAST-256 with key size 192 and 256 bits has been given, and the ciphertext-only attack on 21-round CAST-256 with key size 192 and 256 bits can be performed. At the same time, we also present the attack on 18-round CAST-256 with key size 128 bits. © 2009 Springer.

Cite


Wang, M., Wang, X., & Hu, C. (2008). New linear cryptanalytic results of reduced-round of CAST-128 and CAST-256. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5381 LNCS, pp. 429–441). https://doi.org/10.1007/978-3-642-04159-4_28
