Differential Cryptanalysis of the Data Encryption Standard. (1993)

by E Biham, A Shamir