Improving key-recovery in linear attacks: Application to 28-round PRESENT


Abstract

Linear cryptanalysis is one of the most important tools in use for the security evaluation of symmetric primitives. Many improvements and refinements have been published since its introduction, and many applications on different ciphers have been found. Among these upgrades, Collard et al. proposed in 2007 an acceleration of the key-recovery part of Algorithm 2 for last-round attacks based on the FFT. In this paper we present a generalized, matrix-based version of the previous algorithm which easily allows us to take into consideration an arbitrary number of key-recovery rounds. We also provide efficient variants that exploit the key-schedule relations and that can be combined with multiple linear attacks. Using our algorithms we provide some new cryptanalysis on PRESENT, including, to the best of our knowledge, the first attack on 28 rounds.


Flórez-Gutiérrez, A., & Naya-Plasencia, M. (2020). Improving key-recovery in linear attacks: Application to 28-round PRESENT. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 12105 LNCS, pp. 221–249). Springer. https://doi.org/10.1007/978-3-030-45721-1_9
