A chosen plaintext linear attack on block cipher CIKS-1

In this paper, we firstly evaluate the resistance of the reduced 5-round version of the block cipher CIKS-1 against linear cryptanalysis(LC). A feature of the CIKS-1 is the use of both Data-Dependent permutations (DD P) and internal key scheduing which consist in data-dependent transformation of the round subkeys. Taking into account the structure of CIKS-1 we investigate linear approximation. That is, we consider 16 linear approximations with p = 3/4 for 16 parallel modulo 2(2) additions to construct one-round linear approximation and derive one-round linear approximation with the probability of P = 1/2 + 2(-17) by Piling-Up lemma. Also we estimate that the P is a valid probability of one-round approximation and achieve that the probability P for one-round approximation is better than 1/2 + 2(-17) through experiments. Then we construct 3-round linear approximation with P = 1/2 + 2(-17) using this one-round approximation and can attack the reduced 5-round CIKS-1 with 64-bit block by LC. In conclusion, we present that our attack requires about 2(36) chosen plaintexts with a probability of success of 78.5% and 1/5 x 2(32) x 2(36) approximate to 2(65.7) encryption times to recover last round(5-round) key. In addition, we discuss a few improvements of the cipher CIKS-1.