A New Method for Known Plaintext Attack of FEAL Cipher

Matsui, Masanao; Yamagishi, A.

doi:10.1007/3-540-47555-9_7

Cited by 144 publications

(95 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Linear cryptanalysis was introduced in 1992 by Matsui and Yamagishi [84], who used it to analyse the FEAL cipher. In 1993, Matsui [83] presented a linear cryptanalysis attack on the full DES.…”

Section: Linear Cryptanalysismentioning

confidence: 99%

Cryptanalysis on Block Ciphers

Sakiyama

Sasaki

2015

Security of Block Ciphers

View full text Add to dashboard Cite

Section: Linear Cryptanalysismentioning

confidence: 99%

Cryptanalysis on Block Ciphers

Sakiyama

Sasaki

2015

Security of Block Ciphers

View full text Add to dashboard Cite

“…Other attacks are in [1549,1550]. The best attack is by Mitsuru Matsui and Atshuiro Yamagishi [1020]. This is the first use of linear cryptanalysis, and can break FEAL-4 with 5 known plaintexts, FEAL-6 with 100 known plaintexts and FEAL-8 with 2 15 known plaintexts.…”

Section: Cryptanalysis Of Fealmentioning

confidence: 99%

Applied cryptography: Protocols, algorithms, and source code in C

1994

Computer Law & Security Review

771

View full text Add to dashboard Cite

“…For S-box based ciphers it is possible to compute provable bounds on the security against the two most powerful cryptanalytic attacks -differential cryptanalysis [3] and linear cryptanalysis [19] (see e.g. [7]).…”

Section: Introductionmentioning

confidence: 99%

Automatic Search for the Best Trails in ARX: Application to Block Cipher Speck

Biryukov

Velichkov

Corre

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. We propose the first adaptation of Matsui's algorithm for finding the best differential and linear trails to the class of ARX ciphers. It is based on a branch-and-bound search strategy, does not use any heuristics and returns optimal results. The practical application of the new algorithm is demonstrated on reduced round variants of block ciphers from the Speck family. More specifically, we report the probabilities of the best differential trails for up to 10, 9, 8, 7, and 7 rounds of Speck32, Speck48, Speck64, Speck96 and Speck128 respectively, together with the exact number of differential trails that have the best probability. The new results are used to compute bounds, under the Markov assumption, on the security of Speck against single-trail differential cryptanalysis. Finally, we propose two new ARX primitives with provable bounds against single-trail differential and linear cryptanalysis -a long standing open problem in the area of ARX design.

show abstract

A New Method for Known Plaintext Attack of FEAL Cipher

Cited by 144 publications

References 2 publications

Cryptanalysis on Block Ciphers

Cryptanalysis on Block Ciphers

Applied cryptography: Protocols, algorithms, and source code in C

Automatic Search for the Best Trails in ARX: Application to Block Cipher Speck

Contact Info

Product

Resources

About