Abstract
This paper introduces a new chosen text attack on iterated cryptosystems, such as the Data Encryption Standard (DES). The attack is very efficient for 8-round DES,[2] recovering 10 bits of key with 80% probability of success using only 512 chosen plaintexts. The probability of success increases to 95% using 768 chosen plaintexts. More key can be recovered with reduced probability of success. The attack takes less than 10 seconds on a SUN-4 workstation. While comparable in speed to existing attacks, this 8-round attack represents an order of magnitude improvement in the amount of required text.
This author was supported by NSF grant NCR-9205663.
[2] Because FIPS PUB 46 specifies 16 rounds as part of the standard, strictly speaking, we should use the more cumbersome term “DES reduced to 8 rounds.” While for ease of exposition we use the simpler “8-round DES,” the reader should remember what is intended.
© 1994 Springer-Verlag Berlin Heidelberg
Cite this paper
Langford, S.K., Hellman, M.E. (1994). Differential-Linear Cryptanalysis. In: Desmedt, Y.G. (eds) Advances in Cryptology — CRYPTO ’94. CRYPTO 1994. Lecture Notes in Computer Science, vol 839. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48658-5_3
DOI: https://doi.org/10.1007/3-540-48658-5_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-58333-2
Online ISBN: 978-3-540-48658-9
eBook Packages: Springer Book Archive