- Trending Categories
- Data Structure
- Networking
- RDBMS
- Operating System
- Java
- MS Excel
- iOS
- HTML
- CSS
- Android
- Python
- C Programming
- C++
- C#
- MongoDB
- MySQL
- Javascript
- PHP
- Physics
- Chemistry
- Biology
- Mathematics
- English
- Economics
- Psychology
- Social Studies
- Fashion Studies
- Legal Studies

- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who

# What Is Linear Cryptanalysis in Information Security?

Linear cryptanalysis is a known plaintext attack, in which the attacker studies probabilistic linear relations referred to as linear approximations among parity bits of the plaintext, the Ciphertext and the hidden key.

In this approach, the attacker acquire high probability approximations for the parity bit of the hidden key by computing the parity bits of the known plaintexts and ciphertexts. By use of several approaches including the auxiliary technique, the attacker can extend the attack to discover extra bits of the secret key.

Linear cryptanalysis together with differential cryptanalysis are the generally used attacks on block ciphers. The linear cryptanalysis technique was first invented by Mitsuru Matsui who first used it to the FEAL cipher.

There are generally two parts to linear cryptanalysis such as the first is to make linear equations associating to plaintext, Ciphertext and key bits that have a large bias; that is whose probabilities of holding are as close as applicable to 0 0r 1.

The second part is to need these linear equations in conjunction with known plaintext-ciphertext pairs to drive key bits.

Linear Cryptanalysis uses linear approximation to model non-linear process in the encryption procedure. It can be using the approximation to a large amount of known plaintext will eventually find one key bit that is correct with a specific probability. Cipher-specific refinements of this approach can find multiple key-bits.

The linear cryptanalysis attack is based on discovering linear approximations to define the transformations implemented in Data Encryption Standard. This approach can discover a Data Encryption Standard key given 243 known plaintexts, as distinguished to 247 chosen plaintexts for differential cryptanalysis.

Even this is a minor progress, because it can be simpler to acquire known plaintext instead of chosen plaintext, and it can leaves linear cryptanalysis infeasible as an attack on Data Encryption Standard.

The objective of linear cryptanalysis is to discover an effective linear equation of the form −

$$\mathrm{P\left [ \alpha 1,\: \alpha 2\: ...\alpha a \right ] \oplus \, C\left [\beta 1,\: \beta 2\: ...\beta b \right ]=K\left [ \gamma 1,\, \gamma 2\: ...\gamma c \right ] }$$

(where x = 0 or 1; 1≤ a, b≤ n, 1 ≤ c ≤ m, and where the α, β and γ terms represent fixed, specific bit locations) that influence with probability p ≠ 0.5.

The further p is from 0.5, the more effective the equation. Because a prospective associations is decided, the process is to evaluate the results of the left hand side of the preceding equation for a high number of plaintext-ciphertext pairs. If the result is 0 more than half the time, assume K [γ1, γ2... γc] = 0.

If it is 1 most of the time, assume K [γ1, γ2 ... γc] = 1. This provides us a linear equation on the key bits. It can try to receive more such relations so that it can solve for the key bits. Because in this paper managing with linear equations, the problem can be approached one round of the cipher at a time, with the results connected.

- Related Articles
- What is the difference between Linear Cryptanalysis and Differential Cryptanalysis in Information Security?
- What is Cryptanalysis in Information Security?
- What is Differential Cryptanalysis in Information Security?
- What are the types of Cryptanalysis Attacks on AES in information security?
- What is information classification in information security?
- What is Physical Security in information security?
- What is Security Management in Information Security?
- What is Database Security in information security?
- What is Security Model in information security?
- What is the importance of Security Information Management in information security?
- What is Information Security?
- What is Management Information System in information security?
- What is Global information system in information security?
- What Is Network Security Management in information security?
- What is Mobile Database Security in information security?