Mar 19 Block Cipher Cryptanalyses: Linear Cryptanalysis

Block Cipher Cryptanalysis

Modern block cipher cryptanalysis aims at either recovering the key with an effort smaller than bruteforce

Block cipher cryptanalyses are usually split into two families:

All the computationally secure ones produce a ctx where the probability that a bit is either one or zero is biased (= 1 ± ε) by the 2 ptx value

Goal: find such relations between ptx and ctx, and exploit the statistical biases to extract a portion of the key

Without S-Boxes, the linear relations between ptx and ctx bits are always hold( i.e. with probability = 1)