Abstract
Impossible differential cryptanalysis is well known to be effective in analyzing the security of block ciphers. A known result shows that there always exist 5-round impossible differentials of a Feistel cipher with a bijective round function. However, if more details of the round function are known, the result can be improved. This paper mainly studies the impossible differentials of Feistel ciphers with both SP and SPS round functions where the linear transformation P is defined over \({\mathbb F}_2^{n\times n}\). For Feistel ciphers with SP round functions, any column of \(P \oplus P^{-1}\) whose Hamming weight is greater than 1 corresponds to some 6-round impossible differentials. The existence of some 7-round impossible differentials can be determined by counting the number of times that 1 appears at some special positions of \(P\) and \(P^{-1}\). Some 8-round impossible differentials can be found by computing the rank of some sub-matrix of P. Impossible differentials of Camellia found by these techniques are consistent with previously known results. For Feistel ciphers with SPS round functions, by determining the rank of some sub-matrix of P, 6-round impossible differentials can be found, which improves the results on E2 by one round. These results show that when designing a Feistel cipher with an SP or SPS round function where the diffusion layer is selected from \({\mathbb F}_2^{n\times n}\), the linear transformation should be chosen carefully to make the cipher secure against impossible differential cryptanalysis.
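The 6-round criterion stated in the abstract can be screened mechanically by a designer evaluating a candidate diffusion layer. The following is an added example, not code from the paper: it inverts P over \({\mathbb F}_2\), forms \(P \oplus P^{-1}\), and lists the columns whose Hamming weight exceeds 1. The Camellia matrix is transcribed from RFC 3713, the convention that row i gives output byte i (y = Px) is an assumption, and the function names are hypothetical; the code only flags columns and does not construct the differentials themselves.

```python
# Added example: screen a binary diffusion matrix P with the abstract's
# 6-round criterion (columns of P xor P^-1 with Hamming weight > 1).
# Assumed convention: y = P x, so row i lists the inputs XORed into output i.
# Camellia P-function over F_2, transcribed from RFC 3713 (not from this page).
CAMELLIA_P = [
    [1, 0, 1, 1, 0, 1, 1, 1],
    [1, 1, 0, 1, 1, 0, 1, 1],
    [1, 1, 1, 0, 1, 1, 0, 1],
    [0, 1, 1, 1, 1, 1, 1, 0],
    [1, 1, 0, 0, 0, 1, 1, 1],
    [0, 1, 1, 0, 1, 0, 1, 1],
    [0, 0, 1, 1, 1, 1, 0, 1],
    [1, 0, 0, 1, 1, 1, 1, 0],
]

def gf2_inverse(m):
    """Invert a square 0/1 matrix over F_2 by Gauss-Jordan elimination."""
    n = len(m)
    # Augment each row with the matching identity row: [M | I].
    aug = [list(row) + [int(i == j) for j in range(n)] for i, row in enumerate(m)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col]), None)
        if pivot is None:
            raise ValueError("matrix is singular over F_2")
        aug[col], aug[pivot] = aug[pivot], aug[col]
        for r in range(n):
            if r != col and aug[r][col]:
                aug[r] = [a ^ b for a, b in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]

def column_weights(p):
    """Hamming weight of each column of P xor P^-1."""
    inv = gf2_inverse(p)
    n = len(p)
    return [sum(p[r][c] ^ inv[r][c] for r in range(n)) for c in range(n)]

def flagged_columns(p):
    """0-based indices of columns meeting the weight > 1 criterion."""
    return [c for c, w in enumerate(column_weights(p)) if w > 1]

if __name__ == "__main__":
    print("column weights:", column_weights(CAMELLIA_P))
    print("flagged columns:", flagged_columns(CAMELLIA_P))
```

For Camellia every column of \(P \oplus P^{-1}\) has weight 2, so all eight columns are flagged; an involutory P (for which \(P = P^{-1}\)) flags none.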
© 2010 Springer-Verlag Berlin Heidelberg
Cite this paper
Wei, Y., Li, P., Sun, B., Li, C. (2010). Impossible Differential Cryptanalysis on Feistel Ciphers with SP and SPS Round Functions. In: Zhou, J., Yung, M. (eds) Applied Cryptography and Network Security. ACNS 2010. Lecture Notes in Computer Science, vol 6123. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13708-2_7
DOI: https://doi.org/10.1007/978-3-642-13708-2_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13707-5
Online ISBN: 978-3-642-13708-2
eBook Packages: Computer Science (R0)