You are looking at a specific version 20060724:095712 of this paper.
See the latest version.
Paper 2006/250
Linear Cryptanalysis of CTC
Orr Dunkelman and Nathan Keller
Abstract
CTC is a toy cipher designed by Courtois in order to prove the strength of algebraic attacks. In this paper we study the differential and the linear behavior of the 85 S-boxes version, which is attacked using algebraic techniques faster than exhaustive key search. We show that an $n$-round variant of the cipher can be attacked by a linear attack using only $2^{2n+2}$ known plaintexts, with a negligible time complexity. We conclude that CTC is insecure, even for quite a large number of rounds. We note that our observations can be probably used to devise other attacks that exploit the relatively slow diffusion of CTC.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- cryptanalysisCTClinear cryptanalysis
- Contact author(s)
- orrd @ cs technion ac il
- History
- 2006-07-24: received
- Short URL
- https://ia.cr/2006/250
- License
-
CC BY