Multiple differential-zero correlation linear cryptanalysis of reduced-round CAST-256
Author: | Massoud Hadian Dehkordi, Roghayeh Taghizadeh |
---|---|
Language: | English |
Year of publication: | 2017 |
Subject: |
Differential cryptanalysis; Zero correlation linear approximation; Applied Mathematics; 020207 software engineering; 02 engineering and technology; Higher-order differential cryptanalysis; Computer Science Applications; zero correlation linear attack; Computational Mathematics; Piling-up lemma; Linear cryptanalysis; 0202 electrical engineering, electronic engineering, information engineering; QA1-939; Applied mathematics; symmetric-key block cipher; 020201 artificial intelligence & image processing; cast-256; Linear approximation; 94a60; Differential (mathematics); Mathematics; differential cryptanalysis |
Source: | Journal of Mathematical Cryptology, Vol 11, Iss 2, Pp 55-62 (2017) |
ISSN: | 1862-2984 1862-2976 2016-0054 |
Description: | CAST-256 (or CAST6) is a symmetric-key block cipher published in June 1998. It was submitted as a candidate for Advanced Encryption Standard (AES). In this paper, we will propose a new chosen text attack, the multiple differential-zero correlation linear attack, to analyze the CAST-256 block cipher. Our attack is the best-known attack on CAST-256 according to the number of rounds without the weak-key assumption. We first construct a 30-round differential-zero correlation linear distinguisher. Based on the distinguisher, we propose a first 33-round attack on CAST-256 with data complexity of $2^{115.63}$ and time complexity $2^{238.26}$. In the end, the 111-bit subkey is recovered. |
Database: | OpenAIRE |