Linear Cryptanalysis of DES
The main goal of this diploma work is the implementation of Matsui's linear cryptanalysis of DES and a statistical and theoretical analysis of its complexity and success probability. In order to achieve this goal, we implement first a very fast DES routine on the Intel Pentium III MMX architecture which is optimised for linear cryptanalysis. New implementation concepts are applied, resulting in a speed increase of almost 50% towards the best known classical implementation. The experimental results suggest strongly that the attack is in average about 10 times faster (O(239) DES computations) as expected with 243 known plaintext-ciphertext at disposal; furthermore, we have achieved a complexity of O(243) by using only 242.5 known pairs. Last, we propose a new analytical expression which approximates success probabilities; it gives slightly better results than Matsui's experimental ones.
Record created on 2007-01-19, modified on 2016-08-08