Related-Key Linear Cryptanalysis

Poorvi L. Vora, Darakhshan J. Mir
2006 IEEE International Symposium on Information Theory
A coding theory framework for related-key linear cryptanalytic attacks on block ciphers is presented. It treats linear cryptanalysis as communication over a low capacity channel, and a related key attack (RKA) as a concatenated code. It is used to show that an RKA, using n related keys generated from k independent ones, can improve the amortized cost (in number of plaintext-ciphertext pairs per key bit determined) over that of k single key attacks, of any linear cryptanalysis, if k and n are large enough. The practical implications of this result are demonstrated through the design of an RKA, with k=5 and n=7, predicted to produce a 30% improvement for DES attacks that use an r-1 round approximation.
doi:10.1109/isit.2006.261548 dblp:conf/isit/VoraM06 fatcat:xq3k2r4bbzc4bkyngz6fk3h424