### Abstract

In this paper, we first evaluate the resistance of the reduced 5-round version of the block cipher CIKS-1 against linear cryptanalysis (LC). A feature of CIKS-1 is the use of both data-dependent permutations (DDP) and internal key scheduling, which consists of data-dependent transformation of the round subkeys. Taking into account the structure of CIKS-1, we investigate linear approximations. That is, we consider 16 linear approximations with p = 3/4 for the 16 parallel modulo 2^{2} additions to construct a one-round linear approximation, and derive a one-round linear approximation with probability P = 1/2 + 2^{-17} by the piling-up lemma. We also estimate that P is a valid probability for the one-round approximation, and find through experiments that the probability P for the one-round approximation is better than 1/2 + 2^{-17}. Then we construct a 3-round linear approximation with P = 1/2 + 2^{-17} using this one-round approximation, and can attack the reduced 5-round CIKS-1 with 64-bit block by LC. In conclusion, we show that our attack requires about 2^{36} chosen plaintexts with a probability of success of 78.5% and 1/5 × 2^{32} × 2^{36} ≈ 2^{65.7} encryption times to recover the last-round (round 5) key. In addition, we discuss a few improvements of the cipher CIKS-1.
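The arithmetic behind these figures can be checked directly. The following is an added example, not code from the paper: it exhaustively scores every linear approximation of a 2-bit modular addition, combines 16 of them with the piling-up lemma, and recomputes the data and time figures. The choice of the high-bit approximation, the 4·ε⁻² data rule (the constant for which Matsui's Algorithm 2 table gives 78.5%) and the reading of the time factor as 1/5 are assumptions, since the abstract does not spell them out.

```python
from fractions import Fraction
from itertools import product
from math import log2

HALF = Fraction(1, 2)

def parity(v):
    """XOR of the bits of v."""
    return bin(v).count("1") & 1

def add_mod4_approximations():
    """Probability of a.x ^ b.y == c.z for z = (x + y) mod 4, for all masks."""
    table = {}
    for a, b, c in product(range(4), repeat=3):
        hits = sum(
            (parity(a & x) ^ parity(b & y)) == parity(c & ((x + y) % 4))
            for x, y in product(range(4), repeat=2)
        )
        table[(a, b, c)] = Fraction(hits, 16)
    return table

def piling_up(probs):
    """Piling-up lemma: P = 1/2 + 2^(n-1) * prod(p_i - 1/2)."""
    bias = Fraction(1)
    for p in probs:
        bias *= p - HALF
    return HALF + 2 ** (len(probs) - 1) * bias

TABLE = add_mod4_approximations()

# Assumed approximation: high output bit ~ XOR of the high input bits.
# It fails only when the low bits produce a carry (x0 & y0 = 1), so p = 3/4.
P_ADD = TABLE[(2, 2, 2)]

def one_round_probability():
    """16 parallel mod-4 additions, each approximated independently."""
    return piling_up([P_ADD] * 16)

def data_complexity():
    """Assumed rule N = 4 * eps^-2 with eps = P - 1/2."""
    eps = one_round_probability() - HALF
    return 4 / eps ** 2

def time_log2():
    """log2 of (1/5) * 2^32 * N; the 1/5 factor is an assumed reading."""
    return log2(Fraction(1, 5) * 2 ** 32 * data_complexity())

if __name__ == "__main__":
    print("p(add)   =", P_ADD)
    print("P(round) = 1/2 +", one_round_probability() - HALF)
    print("N        = 2^%d" % log2(data_complexity()))
    print("time     = 2^%.1f" % time_log2())
```
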

Original language | English |
---|---|
Title of host publication | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
Publisher | Springer Verlag |
Pages | 456-468 |
Number of pages | 13 |
Volume | 2513 |
ISBN (Print) | 3540001646 |
Publication status | Published - 2002 |
Event | 4th International Conference on Information and Communications Security, ICICS 2002 - Singapore, Singapore; Duration: 2002 Dec 9 → 2002 Dec 12 |

### Publication series

Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 2513 |
ISSN (Print) | 03029743 |
ISSN (Electronic) | 16113349 |

### Other

Other | 4th International Conference on Information and Communications Security, ICICS 2002 |
---|---|
Country | Singapore |
City | Singapore |
Period | 02/12/9 → 02/12/12 |

### Keywords

- Block cipher
- CIKS-1 (cipher with internal key scheduling)
- Data-dependent permutation
- Linear cryptanalysis

### ASJC Scopus subject areas

- Computer Science (all)
- Theoretical Computer Science

### Cite this

*Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)* (Vol. 2513, pp. 456-468). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2513). Springer Verlag.

**A chosen plaintext linear attack on block cipher CIKS-1.** / Lee, Changhoon; Hong, Deukjo; Lee, Sungjae; Lee, Sangjin; Yang, Hyungjin; Lim, Jong In.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

*Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics).* vol. 2513, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 2513, Springer Verlag, pp. 456-468, 4th International Conference on Information and Communications Security, ICICS 2002, Singapore, Singapore, 02/12/9.
