论文信息 - Overestimates for the Gain of Multiple Linear Approximations in Symmetric Cryptology

Overestimates for the Gain of Multiple Linear Approximations in Symmetric Cryptology

This paper shows that Corollary 1 of “On Multiple Linear Approximations” is incorrect. In particular, the value given for the gain by Corollary 1 is likely to be a significant overestimate of this quantity. Thus, any data requirements for linear cryptanalysis with multiple linear approximations based on this value for the gain are highly questionable.

S. Murphy

[1] Matthew J. B. Robshaw,et al. Linear Cryptanalysis Using Multiple Approximations , 1994, CRYPTO.

[2] Matthew J. B. Robshaw,et al. Linear Cryptanalysis Using Multiple Approximations and FEAL , 1994, FSE.

[3] S. Murphy,et al. The Independence of Linear Approximations in Symmetric Cryptanalysis , 2006, IEEE Transactions on Information Theory.