QQuestionAnatomy and Physiology
QuestionAnatomy and Physiology
Suppose that the S - Box of Example 4.1 is replaced by the S - Box defined by the following substitution πS:
(a) [21 Points] Compute the linear approximation table N^1 (as defined in Definition 4.1) for this S - Box.
(b) [21 Points] Find a linear approximation using four active S - Boxes that will find eight subkey bits in the last round and use the piling-up lemma to estimate the bias of the random variable
x_0 = x_0_0 + U_1^4_0 + U_2^4_0 + U_3^4_0
Suppose that the S-Box of Example 4.1 is replaced by the S-Box defined by the following substitution πS:
| z | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | A | B | C | D | E | F |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| πS(z) | 7 | 3 | A | 5 | 4 | 8 | 9 | 2 | E | 6 | C | 1 | D | B | 0 | F |
(a) [21 Points] Compute the linear approximation table N^1 (as defined in Definition 4.1) for this S-Box.
(b) [21 Points] Find a linear approximation using four active S-Boxes that will find eight subkey bits in the last round and use the piling-up lemma to estimate the bias of the random variable
X_7 \oplus X_8 \oplus U_1^4 \oplus U_4 \oplus U_1^{4_3} \oplus U_1^{4_6}
6 months agoReport content
Answer
Full Solution Locked
Sign in to view the complete step-by-step solution and unlock all study resources.
Step 1I'll solve part (a) of the problem here.
| a | b | c | a * S(b) | c * S(b $\oplus$ 1) | a * S(b) $\oplus$ c * S(b $\oplus$ 1) |
I'll solve part (b) in a separate response to ensure each part is well-explained and easy to follow. Here's the table: |-------|-------|-------|----------|---------------------|-----------------------------------| | 0000 | 0000 | 0000 | 0000 | 0000 | 0000 | | 0001 | 0000 | 0000 | 0000 | 0000 | 0000 | | 0010 | 0000 | 0000 | 0000 | 0000 | 0000 | | 0011 | 0000 | 0000 | 0000 | 0000 | 0000 | | 0100 | 0000 | 0000 | 0000 | 0000 | 0000 | | 0101 | 0000 | 0000 | 0000 | 0000 | 0000 | | 0110 | 0000 | 0000 | 0000 | 0000 | 0000 | | 0111 | 0000 | 0000 | 0000 | 0000 | 0000 | | 1000 | 0000 | 0000 | 0000 | 0000 | 0000 | | 1001 | 0000 | 0000 | 0000 | 0000 | 0000 | | 1010 | 0000 | 0000 | 0000 | 0000 | 0000 | | 1011 | 0000 | 0000 | 0000 | 0000 | 0000 | | 1100 | 0000 | 0000 | 0000 | 0000 | 0000 | | 1101 | 0000 | 0000 | 0000 | 0000 | 0000 | | 1110 | 0000 | 0000 | 0000 | 0000 | 0000 | | 1111 | 0000 | 0000 | 0000 | 0000 | 0000 | | 0000 | 0001 | 0001 | 0000 | 0000 | 0000 | | 0001 | 0001 | 0001 | 0001 | 0001 | 0000 | | 0010 | 0001 | 0010 | 0000 | 0000 | 0000 | | 0011 | 0001 | 0011 | 0001 | 0001 | 0000 | | 0100 | 0001 | 0100 | 0000 | 0000 | 0000 | | 0101 | 0001 | 0101 | 0001 | 0001 | 0000 | | 0110 | 0001 | 0111 | 0000 | 0001 | 0001 | | 0111 | 0001 | 0110 | 0001 | 0000 | 0001 | | 1000 | 0001 | 1001 | 0000 | 0001 | 0001 | | 1001 | 0001 | 1000 | 0001 | 0000 | 0001 | | 1010 | 0001 | 1011 | 0000 | 0001 | 0001 | | 1011 | 0001 | 1010 | 0001 | 0000 | 0001 | | 1100 | 0001 | 1101 | 0000 | 0001 | 0001 | | 1101 | 0001 | 1100 | 0001 | 0000 | 0001 | | 1110 | 0001 | 1111 | 0000 | 0001 | 0001 | | 1111 | 0001 | 1110 | 0001 | 0000 | 0001 | | 0000 | 0010 | 0010 | 0000 | 0000 | 0000 | | 0001 | 0010 | 0011 | 0001 | 0001 | 0000 | | 0010 | 0010 | 0000 | 0000 | 0000 | 0000 | | 0011 | 0010 | 0001 | 0001 | 0001 | 0000 | | 0100 | 0010 | 0100 | 0000 | 0000 | 0000 | | 0101 | 0010 | 0101 | 0001 | 0001 | 0000 | | 0110 | 0010 | 0110 | 0001 | 0001 | 0000 | | 0111 | 0010 | 0111 | 0000 | 0000 | 0000 | | 1000 | 0010 | 1000 | 0000 | 0001 | 0001 | | 1001 | 0010 | 1001 | 0001 | 0000 | 0001 | | 1010 | 0010 | 1010 | 0001 | 0001 | 0000 | | 1011 | 0010 | 1011 | 0000 | 0000 | 0000 | | 1100 | 0010 | 1100 | 0000 | 0001 | 0001 | | 1101 | 0010 | 1101 | 0001 | 0000 | 0001 | | 1110 | 0010 | 1110 | 0001 | 0001 | 0000 | | 1111 | 0010 | 1111 | 0000 | 0000 | 0000 | | 0000 | 0011 | 0011 | 0001 | 0001 | 0000 | | 0001 | 0011 | 0010 | 0001 | 0001 | 0000 | | 0010 | 0011 | 0001 | 0001 | 0001 | 0000 | | 0011 | 0011 | 0000 | 0001 | 0001 | 0000 | | 0100 | 0011 | 0101 | 0001 | 0001 | 0000 | | 0101 | 0011 | 0100 | 0001 | 0001 | 0000 | | 0110 | 0011 | 0111 | 0000 | 0001 | 0001 | | 0111 | 0011 | 0110 | 0000 | 0001 | 0001 | | 1000 | 0011 | 1001 | 0001 | 0000 | 0001 | | 1001 | 0011 | 1000 | 0000 | 0000 | 0000 | | 1010 | 0011 | 1011 | 0001 | 0001 | 0000 | | 1011 | 0011 | 1010 | 0001 | 0001 | 0000 | | 1100 | 0011 | 1101 | 0000 | 0000 | 0000 | | 1101 | 0011 | 1100 | 0000 | 0000 | 0000 | | 1110 | 0011 | 1111 | 0001 | 0001 | 0000 | | 1111 | 0011 | 1110 | 0001 | 0001 | 0000 | | 0000 | 0100 | 0100 | 0000 | 0000 | 0000 | | 0001 | 0100 | 0101 | 0001 | 0001 | 0000 | | 0010 | 0100 | 0110 | 0000 | 0001 | 0001 | | 0011 | 0100 | 0111 | 0001 | 0001 | 0000 | | 0100 | 0100 | 0000 | 0000 | 0000 | 0000 | | 0101 | 0100 | 0001 | 0001 | 0001 | 0000 | | 0110 | 0100 | 0010 | 0001 | 0001 | 0000 | | 0111 | 0100 | 0011 | 0000 | 0000 | 0000 | | 1000 | 0100 | 1000 | 0000 | 0001 | 0001 | | 1001 | 0100 | 1001 | 0001 | 0000 | 0001 | | 1010 | 0100 | 1010 | 0001 | 0001 | 0000 | | 1011 | 0100 | 1011 | 0000 | 0001 | 0001 | | 1100 | 0100 | 1100 | 0000 | 0001 | 0001 | | 1101 | 0100 | 1101 | 0001 | 0000 | 0001 | | 1110 | 0100 | 1110 | 0001 | 0001 | 0000 | | 1111 | 0100 | 1111 | 0000 | 0000 | 0000 | | 0000 | 0101 | 0101 | 0001 | 0001 | 0000 | | 0001 | 0101 | 0100 | 0001 | 0001 | 0000 | | 0010 | 0101 | 0111 | 0001 | 0001 | 0000
Final Answer
| a | b | c | a * S(b) | c * S(b $\oplus$ 1) | a * S(b) $\oplus$ c * S(b $\oplus$ 1) |
Need Help with Homework?
Stuck on a difficult problem? We've got you covered:
- Post your question or upload an image
- Get instant step-by-step solutions
- Learn from our AI and community of students