摘要
该文提出一种新的求取分组密码线性偏差上界的方法,特别适用于密钥线性作用的Feistel密码。该分析方法的思路是,首先对密码体制线性偏差进行严格的数学描述,分别给出密码线性偏差与轮函数F及S盒的线性偏差的数学关系;然后通过求取线性方程组最小重量解,确定密码线性偏差的上界。
In this paper, a new method is proposed for seeking the upper bounds of maximum linear bias for block ciphers, which is especially applicable to a class of Feistel ciphers that key is XORed with data. This technique consists of two steps. Firstly, the mathematical relationship between linear bias of ciphers and linear bias of round function F and S-box respectively is given by carrying out strictly mathematical expression of linear bias for ciphers. Next, the upper bounds of linear bias for ciphers are determined by seeking the solution with minimum weight for linear equation group. Using this method the upper bounds of linear bias within 32 rounds are given.
出处
《电子与信息学报》
EI
CSCD
北大核心
2003年第9期1237-1242,共6页
Journal of Electronics & Information Technology
基金
973项目(NO.G1999035808)
��863项目(NO.2001AA140101)
