.. I hope you can help me in understanding your paper.



in the description of attack, in step 2 (of 4) computing the candidate for each K16[j],





S[j](EL16[j]XORa)=?S[j](EL'16[j]XORa) ---------(1)
has to be checked out forall j belongd to the set{1,2,3,4,5,6,7,8} and where "a" belongs to the set{0,1,2,3....63}

also, clearly EL16[ j ] NOT = EL'16[ j ]:

dose the above statement means

by changing the values of "a" for each S-box we have to check whether LHS of (1) are equal to RHS or not

If LHS=RHS that particular choice of K16[j] is correct;

If such equality of LHS and RHS are not found with any possibility of "a", then that choice of Ciphertext pairs has to be neglected and

new pair of Cipher texts has to be chosen to implement.


is the above explenation to step2 of 4 is correct or not ???????????????

Thanking you.



Edited 1 time(s). Last edit at 18-Jul-2008 07:47 by prasanth.thandra.