Introduction
In the modern world, the confidentiality of data during exchange and storage is an acute concern, and it is achieved through a wide range of encryption methods. However, whenever a new encryption algorithm appears, researchers begin studying ways to break the confidentiality it provides, that is, they look for attacks on it.
Block encryption algorithms such as AES, "Grasshopper", etc. are widely used today. Linear cryptanalysis is one of the potentially effective methods of attacking them. The basic concept of this method was presented by Mitsuru Matsui in his work “Linear Cryptanalysis Method for DES Cipher” [1] in the 90s. The essence of the method is described in section 2 of this article.
As an example of the effective use of this method, a linear cryptanalysis of the NUSH block encryption algorithm [2] is presented; a brief description of the cipher is given below.
Fundamentals of Linear Cryptanalysis
As noted above, the essence of linear cryptanalysis is described in “Linear Cryptanalysis Method for DES Cipher”. Linear cryptanalysis assumes that the structure of the cipher is known and that the cryptanalyst has a sufficiently large statistical sample of plaintext-ciphertext pairs obtained under a single key.
Once these requirements are met, the structure of the algorithm is replaced with a simple linear function. As a rule, linear functions are much easier to analyze than the nonlinear functions of the cipher itself, so the problem of analyzing the cipher reduces to analyzing its linear approximation. Then, from the resulting system of functions, the cryptanalyst guesses key bits with a certain probability.
Let the dot product of binary vectors modulo 2. And let the plaintext, ciphertext and key, respectively.
Definition 1
L:
, - .
, .
.
(Piling-up , “ ”)
- , .
. 0 ,
1: , .
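The procedure described in this section, as an added example that is not part of the original article: Matsui's Algorithm 1 recovers one bit of key material from known plaintext-ciphertext pairs, using the 3/4 approximation of a bitwise AND and the piling-up lemma. The three-round Feistel cipher, its round function `F`, the subkeys and all function names are constructed for the illustration and are not NUSH.

```python
from itertools import product

MASK = 0xFF  # constructed toy Feistel cipher on two 8-bit halves (not NUSH)

def rotl(x, r):
    return ((x << r) | (x >> (8 - r))) & MASK

def F(x):
    # Bits 1..7 come from a rotation (linear); bit 0 is x[1] AND x[2] (non-linear).
    return (rotl(x, 3) & 0xFE) | ((x >> 1) & (x >> 2) & 1)

def encrypt(block, keys):
    L, R = block >> 8, block & MASK
    for k in keys:                       # one Feistel round per subkey
        L, R = R, L ^ k ^ F(R)
    return (L << 8) | R

def and_bias():
    # Bias p - 1/2 of the approximation "x AND y = 0" over all four inputs.
    hits = sum((x & y) == 0 for x, y in product((0, 1), repeat=2))
    return hits / 4 - 0.5

def piling_up(biases):
    # Piling-up lemma: 2^(n-1) * product of the n biases, valid when the
    # combined approximations are independent.
    eps = 2 ** (len(biases) - 1)
    for b in biases:
        eps *= b
    return eps

def algorithm1(pairs, p):
    # Relation used: L0[0] ^ R3[0] = k1[0] ^ k3[0], which holds with probability p.
    # L0[0] is plaintext bit 8, R3[0] is ciphertext bit 0.
    zeros = sum((((pt >> 8) ^ ct) & 1) == 0 for pt, ct in pairs)
    majority_zero = zeros > len(pairs) / 2
    guess = 0 if majority_zero == (p > 0.5) else 1
    return guess, zeros / len(pairs)

def attack(keys, plaintexts):
    # Known-plaintext setting: the analyst sees (plaintext, ciphertext) pairs only.
    pairs = [(pt, encrypt(pt, keys)) for pt in plaintexts]
    # Rounds 1 and 3 each contribute one AND approximation; round 2 is skipped.
    p = 0.5 + piling_up([and_bias(), and_bias()])
    return algorithm1(pairs, p)

if __name__ == "__main__":
    keys = (0x3B, 0xC4, 0x9E)            # constructed subkeys k1, k2, k3
    guess, freq = attack(keys, range(1 << 16))
    print("guess", guess, "actual", (keys[0] ^ keys[2]) & 1, "frequency", freq)
```

Over the full codebook the relation holds for exactly 5/8 of the pairs when k1[0] XOR k3[0] = 0 and for 3/8 otherwise, which matches the piling-up estimate because the two AND approximations in this toy act on independent bits.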
NUSH
2000 NESSIE , , LAN Crypto – NUSH. , (64, 128, 192 256 ).
S- P-, (XOR, AND ..). . , , , k – .
— . (start key) . : . , (subKey) - , # — , , , — j :
:
:
NUSH
, , , 1
. , . :
(1) (2)
# “AND” # “OR”.
, .
. , , , , .
5 . , , , , .
:
. , , , , , . :
. , , , , , , , . :
. ,
. . , .
, , , , , , , , , , , , , . :
:
. (3) , 29-
.
NUSH , (11) - . , .
1. - , (11).
2. , .
3. , .
The article presents the basic concept of linear cryptanalysis and considers an example of its application in the analysis of the NUSH encryption algorithm.
Literature
1. Mitsuru Matsui, Linear cryptanalysis method for DES cipher, Advances in Cryptology - Eurocrypt'93, Berlin: Springer-Verlag, 1993, 386-397.
2. Wu Wenling & Feng Dengguo, Linear cryptanalysis of NUSH block cipher, Science in China (Series F), February 2002, Vol. 45, no. 1.
3. M. Heys, A Tutorial on Linear and Differential Cryptanalysis, Cryptologia, June 2001, Vol. 26 No. 3.
4. https://www.youtube.com/watch?v=nEHVfeaPjNw