Talk:Linear cryptanalysis

From Wikipedia, the free encyclopedia

This article is part of WikiProject Cryptography, an attempt to build a comprehensive and detailed guide to cryptography on Wikipedia. If you would like to participate, you can choose to edit the article attached to this page, or visit the project page, where you can join the project and see a list of open tasks.

It is intended that this article be included in WikiReader Cryptography, a WikiReader on the topic of cryptography. Help and comments for improving this article would be especially welcome. A tool for coordinating the editing and review of these articles is the daily article box.

To-do list for Linear cryptanalysis:	edit · history · watch · refresh
Describe the statistical effect of a linear approximation. Describe how a bias can be used to recover a subkey. Discuss how characteristics can be used to find good linear approximations over several rounds. Provide a diagram

[edit] Comment from page

Well, in fact everybody knows (and Matsui himslef acknowledges ti in his paper) that LC was first invented by Hneri Gilbert and his student: see Anne Tardy-Corfdir, Henri Gilbert: A Known Plaintext Attack of FEAL-4 and FEAL-6, In Crypto'91, LNCS 576, Springer, pp. 172-181, 1992. —The preceding unsigned comment was added by 82.241.89.189 (talk • contribs) .

Hmm. Linear cryptanalysis seems to be widely attributed to Matsui. For example, Alex Biryukov, in his entry on "Linear Cryptanalysis" for the Encyclopedia of Cryptography and Data Security, asserted that the technique was introduced by Matsui in 1993. — Matt Crypto 18:44, 9 December 2005 (UTC)