TY - JOUR AU - Lee, Jung-Keun AU - Kim, Woo-Hwan PY - 2020/01/31 Y2 - 2024/03/29 TI - Multiple Linear Cryptanalysis Using Linear Statistics JF - IACR Transactions on Symmetric Cryptology JA - ToSC VL - 2019 IS - 4 SE - Articles DO - 10.13154/tosc.v2019.i4.369-406 UR - https://tosc.iacr.org/index.php/ToSC/article/view/8469 SP - 369-406 AB - <p>We propose an improved and extended approach of the multiple linear cryptanalysis presented by A. Biryukov et al. at CRYPTO 2004 that exploits dominant and statistically independent linear trails. While they presented only rank based attacks with success probability 1, we present threshold based attacks as well as rank based ones using newly introduced statistic that is a linear combination of the component statistics for the trails and is an approximation of the LLR statistic. The rank based Algorithm 1 style attack yields the same estimate for the gain with Biryukov et al.’s Algorithm 1 style attack. For each of the threshold based Algorithm 1 style and Algorithm 2 style attacks, we provide a formula for its advantage in terms of the correlations of the trails, the data complexity, and the success probability in case the aimed success probability is not 1. Combining the threshold based attacks with the rank based ones, we get attacks each of which has better estimates for the advantage compared to the threshold based one in case the aimed success probability is close to 1. We then extend the methods to get a new framework of multiple linear attacks exploiting close-to-dominant linear trails that may not be statistically independent. We apply the methods to full DES and get linear attacks using 4 linear trails with about the same or better complexity compared to those presented at ASIACRYPT 2017 that use 4 additional trails. With data complexity less than 2<sup>41</sup>, the attack has better complexity than existing attacks on DES.</p> ER -