Linear Distinguishers in the Key-less Setting: Application to PRESENT

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedings – Annual report year: 2015Researchpeer-review

View graph of relations

The application of the concept of linear cryptanalysis to the domain of key-less primitives is largely an open problem. In this paper we, for the first time, propose a model in which its application is meaningful for distinguishing block ciphers.
Combining our model with ideas from message modification and rebound-like approaches, we initiate a study of cryptographic primitives with respect to this new attack vector and choose the lightweight block cipher PRESENT as an example target. This leads to known-key distinguishers over up to 27 rounds, whereas the best previous result is up to 18 rounds in the chosen-key model.
Original languageEnglish
Title of host publicationRevised Selected Papers of the 22nd International Workshop on Fast Software Encryption (FSE 2015)
EditorsGregor Leander
Publication date2015
ISBN (Print)978-3-662-48115-8
ISBN (Electronic)978-3-662-48116-5
Publication statusPublished - 2015
Event22nd International Workshop on Fast Software Encryption (FSE 2015) - Istanbul, Turkey
Duration: 8 Mar 201511 Mar 2015
Conference number: 22


Workshop22nd International Workshop on Fast Software Encryption (FSE 2015)
Internet address
SeriesLecture Notes in Computer Science
CitationsWeb of Science® Times Cited: No match on DOI

    Research areas

  • Hash function, Block cipher, Linear cryptanalysis, Distinguisher, PRESENT

ID: 118018425