The Piling-Up Lemma and Dependent Random Variables
暂无分享,去创建一个
In a linear cryptanalysis attack, several assumptions are made by the attacker. One of them is that the threefold sums used in the attack are independent. This allows one to apply then the Piling-up Lemma to them. According to this lemma, the imbalance of a sum modulo 2 of independent, binary-valued random variables is equal to the product of their imbalances. It is shown here that in some cases, both quantities can differ considerably for dependent random variables, but that they are almost equal for virtually all binary-valued random variables when the sample space on which these are defined is large enough.
[1] Jean-Jacques Quisquater,et al. Advances in Cryptology — EUROCRYPT ’95 , 2001, Lecture Notes in Computer Science.
[2] Mitsuru Matsui,et al. Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.
[3] Tor Helleseth,et al. Advances in Cryptology — EUROCRYPT ’93 , 2001, Lecture Notes in Computer Science.
[4] Carlo Harpes. Cryptanalysis of iterated block ciphers , 1996 .
[5] C. Harpes. A Generalization of Linear Cryptanalysis Applied to SAFER , 1995 .