Success Probability in Chi2-Attacks

Knudsen and Meier applied the χ 2-attack to RC6. This attack is one of the most effective attacks for RC6. The χ 2-attack can be used for both distinguishing attacks and for key recovery attacks. Up to the present, theoretical analysis of χ 2-attacks, especially the relation between a distinguishing attack and a key recovery attack, has not been discussed. In this paper, we investigate the theoretical relation between the distinguishing attack and the key recovery attack for the first time, and prove the theorem to evaluate the success probability of a key recovery attack by using the results of a distinguishing attack. We also demonstrate the accuracy to χ 2-attack on RC5-64 and RC6 without post-whitening by comparing the implemented results.

[1]  Bruce Schneier,et al.  Mod n Cryptanalysis, with Applications Against RC5P and M6 , 1999, FSE.

[2]  Atsuko Miyaji,et al.  Cryptanalysis of the Reduced-Round RC6 , 2002, ICICS.

[3]  Atsuko Miyaji,et al.  Optimized χ^2 attack against RC6 , 2003 .

[4]  Willi Meier,et al.  Correlations in RC6 with a Reduced Number of Rounds , 2000, FSE.

[5]  Eyal Kushilevitz,et al.  Improved Cryptanalysis of RC5 , 1998, EUROCRYPT.

[6]  Antoine Joux,et al.  A Statistical Attack on RC6 , 2000, FSE.

[7]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[8]  Pascal Junod On the Complexity of Matsui's Attack , 2001, Selected Areas in Cryptography.

[9]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[10]  Burton S. Kaliski,et al.  On Differential and Linear Crytoanalysis of the RC5 Encryption Algorithm , 1995, CRYPTO.

[11]  Donald E. Knuth,et al.  The art of computer programming. Vol.2: Seminumerical algorithms , 1981 .

[12]  Donald Ervin Knuth,et al.  The Art of Computer Programming , 1968 .

[13]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[14]  G. W. Snedecor Statistical Methods , 1964 .

[15]  Gerhard Goos,et al.  Fast Software Encryption , 2001, Lecture Notes in Computer Science.

[16]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[17]  Aggelos Kiayias,et al.  Polynomial Reconstruction Based Cryptography , 2001, Selected Areas in Cryptography.

[18]  Serge Vaudenay,et al.  An experiment on DES statistical cryptanalysis , 1996, CCS '96.

[19]  Atsuko Miyaji,et al.  Known Plaintext Correlation Attack against RC5 , 2002, CT-RSA.

[20]  Bart Preneel,et al.  Topics in Cryptology — CT-RSA 2002 , 2002, Lecture Notes in Computer Science.

[21]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[22]  Joos Vandewalle,et al.  Linear Cryptanalysis of RC5 and RC6 , 1999, FSE.

[23]  Willi Meier,et al.  Improved Differential Attacks on RC5 , 1996, CRYPTO.

[24]  Helena Handschuh,et al.  x2 Cryptanalysis of the SEAL Encryption Algorithm , 1997, FSE.

[25]  Atsuko Miyaji,et al.  Optimized Chi2-Attack against RC6 , 2003, ACNS.