Multidimensional Zero-Correlation Linear Cryptanalysis of the Block Cipher KASUMI

The block cipher KASUMI is widely used for security in many synchronous wireless standards. It was proposed by ETSI SAGE for usage in 3GPP (3rd Generation Partnership Project) ciphering algorthms in 2001. There are a great deal of cryptanalytic results on KASUMI, however, its security evaluation against the recent zero-correlation linear attacks is still lacking so far. In this paper, we select some special input masks to refine the general 5-round zero-correlation linear approximations combining with some observations on the $FL$ functions and then propose the 6-round zero-correlation linear attack on KASUMI. Moreover, zero-correlation linear attacks on the last 7-round KASUMI are also introduced under some weak keys conditions. These weak keys take $2^{-14}$ of the whole key space. The new zero-correlation linear attack on the 6-round needs about $2^{85}$ encryptions with $2^{62.8}$ known plaintexts. For the attack under weak keys conditions on the last 7 round, the data complexity is about $2^{62.1}$ known plaintexts and the time complexity $2^{110.5}$ encryptions

Multilinear singular and fractional integral operators on weighted Morrey spaces

In this paper, we will study the boundedness properties of multilinear Calderon--Zygmund operators and multilinear fractional integrals on products of weighted Morrey spaces with multiple weights.Comment: 21 page

Characterizations of the Degraded Boolean Function and Cryptanalysis of the SAFER Family

This paper investigates the degradation properties of Boolean functions from the aspects of the distributions of dierences and linear masks, and shows two characterizations of the degraded Boolean function. One is that there exists a linear space of the input dierences, where the dierentials with the zero output dierence have probability 1; Another one is that the input linear masks of the nonzero-correlation linear approximations are included in a linear space. Those two linear spaces are orthogonal spaces. Moreover, the degradation properties are showed about the exponentiation type S-box of the SAFER block ciphers, which are applied to reduce the compute complexity in the zero-correlation linear attacks on 5-round SAFER SK/128, 4(5)-round SAFER+/128(256) and 5(6)-round SAFER++/128(256). In the attacks, some of the linear properties of PHT employed as the linear layer by the SAFER block ciphers are investigated and some zero-correlation approximations for SAFER SK, SAFER+, and SAFER++ are identied, when only the least one or two signicant bits are considered. The results show that more rounds of some of the SAFER block ciphers can be attacked, by considering the degradation properties and the zero-correlation linear relations

Improved Integral and Zero-correlation Linear Cryptanalysis of Reduced-round CLEFIA Block Cipher

CLEFIA is a block cipher developed by Sony Corporation in 2007. It is a recommended cipher of CRYPTREC, and has been adopted as ISO/IEC international standard in lightweight cryptography. In this paper, some new 9-round zero-correlation linear distinguishers of CLEFIA are constructed with the input masks and output masks being independent, which allow multiple zero-correlation linear attacks on 14/15-rounds CLEAIA-192/256 with the partial sum technique. Furthermore, the relations between integral distinguishers and zero-correlation linear approximations are improved, and some new integral distinguishers over 9-round are deduced from zero-correlation linear approximations. By using these integral distinguishers and the partial sum technique, the previous integral results on CLEFIA are improved. The two results have either one more rounds or lower time complexity than previous attack results by means of integral and zero-correlation linear cryptanalysis

Estimates for the commutator of bilinear Fourier multiplier

summary:Let $b_1, b_2 \in {\rm BMO}(\mathbb {R}^n)$ and $T_{\sigma }$ be a bilinear Fourier multiplier operator with associated multiplier $\sigma$ satisfying the Sobolev regularity that $\sup _{\kappa \in \mathbb {Z}} \|\sigma _{\kappa }\| _{W^{s_1,s_2}(\mathbb {R}^{2n})}<\infty$ for some $s_1,s_2\in (n/2,n]$. In this paper, the behavior on $L^{p_1}(\mathbb {R}^n)\times L^{p_2}(\mathbb {R}^n)$ $(p_1,p_2\in (1,\infty ))$, on $H^1(\mathbb {R}^n)\times L^{p_2}(\mathbb {R}^n)$ $(p_2\in [2,\infty ))$, and on $H^1(\mathbb {R}^n)\times H^1(\mathbb {R}^n)$, is considered for the commutator $T_{{\sigma }, \vec {b}}$ defined by $$\begin {aligned} T_{\sigma ,\vec {b}} (f_1,f_2) (x)=&b_1(x)T_{\sigma }(f_1, f_2)(x)-T_{\sigma }(b_1f_1, f_2)(x) &+ b_2(x)T_{\sigma }(f_1, f_2)(x)-T_{\sigma }(f_1, b_2f_2)(x) . \end {aligned}$$ By kernel estimates of the bilinear Fourier multiplier operators and employing some techniques in the theory of bilinear singular integral operators, it is proved that these mapping properties are very similar to those of the bilinear Fourier multiplier operator which were established by Miyachi and Tomita