Abstract:
Linear cryptanalysis has been proven to be a powerful attack that can be applied to a number of symmetric block ciphers. However, conventional linear cryptanalysis is ineffective in attacking ciphers that use key-dependent operations, such as ICE, Lucifer and SAFER. In this paper conditional linear cryptanalysis, which uses characteristics that depend on some key-bit values, is introduced. This technique and its application to symmetric ciphers are analysed. The consequences of using key-dependent characteristics are explained and a formal notation of conditional linear cryptanalysis is presented. As a case study, conditional linear cryptanalysis is applied to the ICE cipher, which uses key-dependant operations to improve resistance against cryptanalysis. A successful attack on ThinICE using the new technique is presented. Further, experimental work supporting the effectiveness of conditional linear cryptanalysis is also detailed.,