Abstract
In this paper, we investigate an algorithm which can be used to compute improved estimates of squared correlations of linear approximations over key-alternating block ciphers. The algorithm was previously used by Cho [5] to compute estimates of expected squared correlations and capacities of multidimensional linear approximations of PRESENT. The goal of this paper is to investigate the applicability and usefulness of this algorithm for a nonbinary AES-like symmetric key-alternating block cipher DEAN designed by Baigneres et al. [2] who estimated that the best LLR-based distinguisher will require the full code book of about 260 known plaintext blocks to succeed over four rounds of DEAN. We give evidence that there is an LLR-based multidimensional linear distinguisher with estimated data complexity 250 over six rounds of DEAN. Turning this to a (partial) key-recovery attack over the full eight-round DEAN is likely to succeed.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
