## Cryptology ePrint Archive: Report 2009/463

On Linear Cryptanalysis with Many Linear Approximations

Benoit Gérard and Jean-Pierre Tillich

Abstract: In this paper we present a theoretical framework to quantify the information brought by several linear approximations of a block-cipher without putting any restriction on these approximations. We quantify here the entropy of the key given the plaintext-ciphertext pairs statistics which is a much more accurate measure than the ones studied earlier. The techniques which are developed here apply to various ways of performing the linear attack and can also been used to measure the entropy of the key for other statistical attacks. Moreover, we present a realistic attack on the full DES with a time complexity of $2^{48}$ for $2^{41}$ pairs what is a big improvement comparing to Matsui's algorithm 2 ($2^{51.9}$).

Category / Keywords: secret-key cryptography /

Publication Info: full version of the paper with same title which is going to be published in the proceedings of the 12th IMA Conference on Cryptography and Coding