[Resource Topic] 2010/325: Effect of the Dependent Paths in Linear Hull

Welcome to the resource topic for 2010/325

Title:
Effect of the Dependent Paths in Linear Hull

Authors: Zhenli Dai, Meiqin Wang, Yue Sun

Abstract:

Linear Hull is a phenomenon that there are a lot of linear paths with the same data mask but different key masks for a block cipher. In 1994, K. Nyberg presented the effect on the key-recovery attack such as Algorithm 2 with linear hull, in which the required number of the known plaintexts can be decreased compared with that in the attack using an individual linear path. In 2009, S. Murphy proved that K. Nyberg’s results can only be used to give a lower bound on the data complexity and will be no use on the real linear cryptanalysis. In fact, the linear hull produces such positive effect in linear cryptanalysis only for some keys instead of the whole key space. So the linear hull can be used to improve the classic linear cryptanalysis for some weak keys. In the same year, K. Ohkuma gave the linear hull analysis on reduced-round PRESENT block cipher, and showed that there are 32\% weak keys of PRESENT which make the bias of a given linear hull with multiple paths more than a lower bound. However, K. Ohkuma has not considered the dependency of the multi-path, and his results are based on the assumption that the linear paths are independent. Actually, most of the linear paths are dependent in the linear hull. In this paper, we will analyze the dependency of the linear paths in a linear hull and the real effect of linear hull with the dependent linear paths. Firstly, we give the relation between the bias of a linear hull and its linear paths in linear cryptanalysis. Secondly, we present the formula to compute the rate of weak keys corresponding to the expected bias of the dependent paths. Based on the formula, we show that the dependency of linear paths reduces the number of weak keys corresponding to higher biases of the linear hull compared with that in the independent case. It means that the dependency of linear paths reduces the effect of linear hull. At last, we verify our conclusion by analyzing reduced-round of PRESENT.

ePrint: https://eprint.iacr.org/2010/325

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .