JAIST Repository >
School of Information Science >
Articles >
Journal Articles >
Please use this identifier to cite or link to this item:
http://hdl.handle.net/10119/14221
|
Title: | Accurate Estimation of the Full Differential Distribution for General Feistel Structures |
Authors: | Chen, Jiageng Miyiaji, Atsuko Su, Chunhua The, Je Sen |
Keywords: | Differential attack General Feistel Structure(GFS) Differential distribution LBlock TWINE |
Issue Date: | 2016-05-07 |
Publisher: | Springer |
Magazine name: | Lecture Notes in Computer Science |
Volume: | 9589 |
Start page: | 108 |
End page: | 124 |
DOI: | 10.1007/978-3-319-38898-4_7 |
Abstract: | Statistical cryptanalysis is one of the most powerful tools to analyze symmetric key cryptographic primitives such as block ciphers. One of these attacks, the differential attack has been demonstrated to break a wide range of block ciphers. Block cipher proposals previously obtain a rough estimate of their security margin against differential attacks by counting the number of active S-Box along a differential path. However this method does not take into account the complex clustering effect of multiple differential paths. Analysis under full differential distributions have been studied for some extremely lightweight block ciphers such as KATAN and SIMON, but is still unknown for ciphers with relatively large block sizes. In this paper, we provide a framework to accurately estimate the full differential distribution of General Feistel Structure (GFS) block ciphers with relatively large block sizes. This framework acts as a convenient tool for block cipher designers to determine the security margin of their ciphers against differential attacks. We describe our theoretical model and demonstrate its correctness by performing experimental verification on a toy GFS cipher. We then apply our framework to two concrete GFS ciphers, LBlock and TWINE to derive their full differential distribution by using super computer. Based on the results, we are able to attack 25 rounds of TWINE-128 using a distinguishing attack, which is comparable to the best attack to date. Besides that, we are able to depict a correlation between the hamming weight of an input differential characteristic and the complexity of the attack. Based on the proposed framework, LBlock and TWINE have shown to have 178 and 208-bit security respectively. |
Rights: | This is the author-created version of Springer, Jiageng Chen, Atsuko Miyiaji, Chunhua Su and Je Sen Teh, Lecture Notes in Computer Science, 9589, 2016, 108-124. The original publication is available at www.springerlink.com, http://dx.doi.org/10.1007/978-3-319-38898-4_7 |
URI: | http://hdl.handle.net/10119/14221 |
Material Type: | author |
Appears in Collections: | b10-1. 雑誌掲載論文 (Journal Articles)
|
Files in This Item:
File |
Description |
Size | Format |
22232.pdf | | 3367Kb | Adobe PDF | View/Open |
|
All items in DSpace are protected by copyright, with all rights reserved.
|