1 Department of Mathematics, Technical University of Denmark2 Discrete mathematics, Department of Mathematics, Technical University of Denmark3 Cryptology, Department of Applied Mathematics and Computer Science, Technical University of Denmark
We use large but sparse correlation and transition-difference-probability submatrices to find the best linear and differential approximations respectively on PRESENT-like ciphers. This outperforms the branch and bound algorithm when the number of low-weight differential and linear characteristics grows exponentially which is the case in PRESENT-like ciphers. We found linear distinguishers on 23 rounds of the SPONGENT permutation. We also found better linear approximations on PRESENT using trails covering at most 4 active Sboxes which give us 24-round statistical saturation distinguishers which could be used to break 26 rounds of PRESENT.
Lecture Notes in Computer Science: 15th International Conference, Seoul, Korea, November 28-30, 2012, Revised Selected Papers, 2012, p. 368-382
Main Research Area:
Lecture Notes in Computer Science
15th Annual International Conference on Information Security and Cryptology (ICISC 2012)Information Security and Cryptology