An Extended Analysis of the Correlation Extraction Algorithm in the Context of Linear Cryptanalysis

Bibliographic details
Published in: Quantum reports, Volume 6; Issue 4; pp. 714 - 734
Main authors: Graebnitz, Christoph, Pickel, Valentin, Eble, Holger, Morgner, Frank, Hattenbach, Hannes, Margraf, Marian
Format: Journal Article
Language: English
Publication details: Basel MDPI AG 01.12.2024
ISSN:2624-960X, 2624-960X
Description
Summary: In cryptography, techniques and tools developed in the subfield of linear cryptanalysis have previously successfully been used to allow attackers to break many sophisticated cryptographic ciphers. Since these linear cryptanalytic techniques require exploitable linear approximations to relate the input and output of vectorial Boolean functions, e.g., the plaintext, ciphertext, and key of the cryptographic function, finding these approximations is essential. For this purpose, the Correlation Extraction Algorithm (CEA), which leverages the emerging field of quantum computing, appears promising. However, there has been no comprehensive analysis of the CEA regarding finding an exploitable linear approximation for linear cryptanalysis. In this paper, we conduct a thorough theoretical analysis of the CEA. We aim to investigate its potential in finding a linear approximation with prescribed statistical characteristics. To support our theoretical work, we also present the results of a small empirical study based on a computer simulation. The analysis in this paper shows that an approach that uses the CEA to find exploitable linear approximations has an asymptotic advantage, reducing a linear factor to a logarithmic one in terms of time complexity, and an exponential advantage in terms of space complexity compared to a classical approach that uses the fast Walsh transform. Furthermore, we show that in specific scenarios, CEA can exponentially reduce the search space for exploitable linear approximations in terms of the number of input bits of the cipher. Neglecting the unresolved issue of efficiently checking the property of linear approximations measured by the CEA, our results indicate that the CEA can support the linear cryptanalysis of vectorial Boolean functions with relatively few (e.g., n≤32) output bits.
DOI:10.3390/quantum6040043