Discussion forum for Cryptology ePrint Archive
reports posted in 2013
. Please put the report number in the subject.
Posted by: jmclaugh
Date: 24 February 2013 21:12
Some of the material in this one has been rendered out-of-date by 2013/089. This being:
1.) The complexity calculations for the (new AND existing) attacks on Serpent in Section 5.2. An issue with the WKRH affecting linear attacks and variants thereof on Serpent came to light afterwards, and new complexity calculations and figures for the amount of key data recovered are given in Sections 4.1 and 4.2 of 2013/089
2.) This paper describes three forms of nonlinear attack - the "maximum-bias" model, the chi^2 model, and the LLR model. In my opinion, the LLR version of the nonlinear attack should now be considered to have been superseded by the filtered nonlinear attack in 2013/089.
(It still works as described, just not as well or as efficiently as the filtered attack, and is not so easy to reliably calculate the complexity for.)
This paper still covers ground that 2013/089 does not, so it's not simply a matter of 089 superseding it, but these issues need to be made clear.