The search functionality is under construction.

The search functionality is under construction.

This paper studies security of Feistel ciphers with SPN round function against differential cryptanalysis, linear cryptanalysis, and truncated differential cryptanalysis from the "designer's standpoint." In estimating the security, we use the upper bounds of differential characteristic probability, linear characteristic probability and truncated differential probability, respectively. They are useful to design practically secure ciphers against these cryptanalyses. Firstly, we consider the minimum numbers of differential and linear active *s*-boxes. They provide the upper bounds of differential and linear characteristic probability, which show the security of ciphers constructed by *s*-boxes against differential and linear cryptanalysis. We clarify the (lower bounds of) minimum numbers of differential and linear active *s*-boxes in some consecutive rounds of the Feistel ciphers by using differential and linear branch numbers, *P*_{d}, *P*_{l}, respectively. Secondly, we discuss the following items on truncated differential probability from the designer's standpoint, and show how the following items affect the upper bound of truncated differential probability; (a) truncated differential probability of effective active-*s*-box, (b) XOR cancellation probability, and (c) effect of auxiliary functions. Finally, we revise Matsui's algorithm using the above discussion in order to evaluate the upper bound of truncated differential probability, since we consider the upper bound of truncated differential probability as well as that of differential and linear probability.

- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E85-A No.1 pp.25-37

- Publication Date
- 2002/01/01

- Publicized

- Online ISSN

- DOI

- Type of Manuscript
- Special Section PAPER (Special Section on Cryptography and Information Security)

- Category

The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.

Copy

Masayuki KANDA, Tsutomu MATSUMOTO, "On the Security of Feistel Ciphers with SPN Round Function against Differential, Linear, and Truncated Differential Cryptanalysis" in IEICE TRANSACTIONS on Fundamentals,
vol. E85-A, no. 1, pp. 25-37, January 2002, doi: .

Abstract: This paper studies security of Feistel ciphers with SPN round function against differential cryptanalysis, linear cryptanalysis, and truncated differential cryptanalysis from the "designer's standpoint." In estimating the security, we use the upper bounds of differential characteristic probability, linear characteristic probability and truncated differential probability, respectively. They are useful to design practically secure ciphers against these cryptanalyses. Firstly, we consider the minimum numbers of differential and linear active *s*-boxes. They provide the upper bounds of differential and linear characteristic probability, which show the security of ciphers constructed by *s*-boxes against differential and linear cryptanalysis. We clarify the (lower bounds of) minimum numbers of differential and linear active *s*-boxes in some consecutive rounds of the Feistel ciphers by using differential and linear branch numbers, *P*_{d}, *P*_{l}, respectively. Secondly, we discuss the following items on truncated differential probability from the designer's standpoint, and show how the following items affect the upper bound of truncated differential probability; (a) truncated differential probability of effective active-*s*-box, (b) XOR cancellation probability, and (c) effect of auxiliary functions. Finally, we revise Matsui's algorithm using the above discussion in order to evaluate the upper bound of truncated differential probability, since we consider the upper bound of truncated differential probability as well as that of differential and linear probability.

URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/e85-a_1_25/_p

Copy

@ARTICLE{e85-a_1_25,

author={Masayuki KANDA, Tsutomu MATSUMOTO, },

journal={IEICE TRANSACTIONS on Fundamentals},

title={On the Security of Feistel Ciphers with SPN Round Function against Differential, Linear, and Truncated Differential Cryptanalysis},

year={2002},

volume={E85-A},

number={1},

pages={25-37},

abstract={This paper studies security of Feistel ciphers with SPN round function against differential cryptanalysis, linear cryptanalysis, and truncated differential cryptanalysis from the "designer's standpoint." In estimating the security, we use the upper bounds of differential characteristic probability, linear characteristic probability and truncated differential probability, respectively. They are useful to design practically secure ciphers against these cryptanalyses. Firstly, we consider the minimum numbers of differential and linear active *s*-boxes. They provide the upper bounds of differential and linear characteristic probability, which show the security of ciphers constructed by *s*-boxes against differential and linear cryptanalysis. We clarify the (lower bounds of) minimum numbers of differential and linear active *s*-boxes in some consecutive rounds of the Feistel ciphers by using differential and linear branch numbers, *P*_{d}, *P*_{l}, respectively. Secondly, we discuss the following items on truncated differential probability from the designer's standpoint, and show how the following items affect the upper bound of truncated differential probability; (a) truncated differential probability of effective active-*s*-box, (b) XOR cancellation probability, and (c) effect of auxiliary functions. Finally, we revise Matsui's algorithm using the above discussion in order to evaluate the upper bound of truncated differential probability, since we consider the upper bound of truncated differential probability as well as that of differential and linear probability.},

keywords={},

doi={},

ISSN={},

month={January},}

Copy

TY - JOUR

TI - On the Security of Feistel Ciphers with SPN Round Function against Differential, Linear, and Truncated Differential Cryptanalysis

T2 - IEICE TRANSACTIONS on Fundamentals

SP - 25

EP - 37

AU - Masayuki KANDA

AU - Tsutomu MATSUMOTO

PY - 2002

DO -

JO - IEICE TRANSACTIONS on Fundamentals

SN -

VL - E85-A

IS - 1

JA - IEICE TRANSACTIONS on Fundamentals

Y1 - January 2002

AB - This paper studies security of Feistel ciphers with SPN round function against differential cryptanalysis, linear cryptanalysis, and truncated differential cryptanalysis from the "designer's standpoint." In estimating the security, we use the upper bounds of differential characteristic probability, linear characteristic probability and truncated differential probability, respectively. They are useful to design practically secure ciphers against these cryptanalyses. Firstly, we consider the minimum numbers of differential and linear active *s*-boxes. They provide the upper bounds of differential and linear characteristic probability, which show the security of ciphers constructed by *s*-boxes against differential and linear cryptanalysis. We clarify the (lower bounds of) minimum numbers of differential and linear active *s*-boxes in some consecutive rounds of the Feistel ciphers by using differential and linear branch numbers, *P*_{d}, *P*_{l}, respectively. Secondly, we discuss the following items on truncated differential probability from the designer's standpoint, and show how the following items affect the upper bound of truncated differential probability; (a) truncated differential probability of effective active-*s*-box, (b) XOR cancellation probability, and (c) effect of auxiliary functions. Finally, we revise Matsui's algorithm using the above discussion in order to evaluate the upper bound of truncated differential probability, since we consider the upper bound of truncated differential probability as well as that of differential and linear probability.

ER -