An Improvement of Linear Cryptanalysis with Addition Operations with Applications to FEAL-8X

FEAL is a Feistel cipher that uses addition operations. Since its introduction 26 years ago it played a key role in the development of many cryptanalytic techniques, including differential and linear cryptanalysis. For its 25th anniversary Mitsuru Matsui announced a challenge for an improved known plaintext attack on FEAL-8X. In this paper we describe our attack and introduce several improvements to linear cryptanalysis that allowed us to recover the key given \(2^{14}\) known plaintexts in about 14 h of computation, and led us to win the challenge. An especially interesting improvement considers the approximation of addition-based S-boxes by partitioning into several sets in a way that amplifies the bias, and therefore allows for a reduction in the number of required known plaintexts as well as saving computation time. We also describe attacks that require only a few (even 2 or 3) known plaintexts that recover the key much faster than exhaustive search.

[1]  Tor Helleseth,et al.  Advances in Cryptology — EUROCRYPT ’93 , 2001, Lecture Notes in Computer Science.

[2]  Rainer A. Rueppel Advances in Cryptology — EUROCRYPT’ 92 , 2001, Lecture Notes in Computer Science.

[3]  Hiraku Okada,et al.  Technical Report of IEICE , 2000 .

[4]  Jean-Jacques Quisquater,et al.  How Easy is Collision Search. New Results and Applications to DES , 1989, CRYPTO.

[5]  David Chaum,et al.  Advances in Cryptology — EUROCRYPT’ 87 , 2000, Lecture Notes in Computer Science.

[6]  Carlo Harpes,et al.  Partitioning Cryptanalysis , 1997, FSE.

[7]  Pulak Mishra,et al.  Mergers, Acquisitions and Export Competitive- ness: Experience of Indian Manufacturing Sector , 2012 .

[8]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[9]  Joan Feigenbaum,et al.  Advances in Cryptology-Crypto 91 , 1992 .

[10]  Gerhard Goos,et al.  Fast Software Encryption , 2001, Lecture Notes in Computer Science.

[11]  Kazuo Ohta,et al.  Linear Cryptanalysis of the Fast Data Encipherment Algorithm , 1994, CRYPTO.

[12]  Mitsuru Matsui,et al.  Linear Cryptanalysis of FEAL , 1998 .

[13]  Mitsuru Matsui,et al.  Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.

[14]  Donald W. Davies,et al.  Advances in Cryptology — EUROCRYPT ’91 , 2001, Lecture Notes in Computer Science.

[15]  Shoji Miyaguchi,et al.  Fast Data Encipherment Algorithm FEAL , 1987, EUROCRYPT.

[16]  Eli Biham,et al.  On Matsui's Linear Cryptanalysis , 1994, EUROCRYPT.

[17]  Eli Biham,et al.  Differential cryptanalysis of DES-like cryptosystems , 1990, Journal of Cryptology.

[18]  Mitsuru Matsui,et al.  A New Method for Known Plaintext Attack of FEAL Cipher , 1992, EUROCRYPT.

[19]  Alfredo De Santis,et al.  Advances in Cryptology — EUROCRYPT'94 , 1994, Lecture Notes in Computer Science.

[20]  Eli Biham,et al.  Differential Cryptanalysis of Feal and N-Hash , 1991, EUROCRYPT.

[21]  Kazuo Ohta,et al.  A Switching Closure Test to Analyze Cryptosystems , 1991, CRYPTO.