JAIST Repository >
School of Information Science >
Articles >
Journal Articles >

Please use this identifier to cite or link to this item: http://hdl.handle.net/10119/14221

Title: Accurate Estimation of the Full Differential Distribution for General Feistel Structures
Authors: Chen, Jiageng
Miyiaji, Atsuko
Su, Chunhua
The, Je Sen
Keywords: Differential attack
General Feistel Structure(GFS)
Differential distribution
Issue Date: 2016-05-07
Publisher: Springer
Magazine name: Lecture Notes in Computer Science
Volume: 9589
Start page: 108
End page: 124
DOI: 10.1007/978-3-319-38898-4_7
Abstract: Statistical cryptanalysis is one of the most powerful tools to analyze symmetric key cryptographic primitives such as block ciphers. One of these attacks, the differential attack has been demonstrated to break a wide range of block ciphers. Block cipher proposals previously obtain a rough estimate of their security margin against differential attacks by counting the number of active S-Box along a differential path. However this method does not take into account the complex clustering effect of multiple differential paths. Analysis under full differential distributions have been studied for some extremely lightweight block ciphers such as KATAN and SIMON, but is still unknown for ciphers with relatively large block sizes. In this paper, we provide a framework to accurately estimate the full differential distribution of General Feistel Structure (GFS) block ciphers with relatively large block sizes. This framework acts as a convenient tool for block cipher designers to determine the security margin of their ciphers against differential attacks. We describe our theoretical model and demonstrate its correctness by performing experimental verification on a toy GFS cipher. We then apply our framework to two concrete GFS ciphers, LBlock and TWINE to derive their full differential distribution by using super computer. Based on the results, we are able to attack 25 rounds of TWINE-128 using a distinguishing attack, which is comparable to the best attack to date. Besides that, we are able to depict a correlation between the hamming weight of an input differential characteristic and the complexity of the attack. Based on the proposed framework, LBlock and TWINE have shown to have 178 and 208-bit security respectively.
Rights: This is the author-created version of Springer, Jiageng Chen, Atsuko Miyiaji, Chunhua Su and Je Sen Teh, Lecture Notes in Computer Science, 9589, 2016, 108-124. The original publication is available at www.springerlink.com, http://dx.doi.org/10.1007/978-3-319-38898-4_7
URI: http://hdl.handle.net/10119/14221
Material Type: author
Appears in Collections:b10-1. 雑誌掲載論文 (Journal Articles)

Files in This Item:

File Description SizeFormat
22232.pdf3367KbAdobe PDFView/Open

All items in DSpace are protected by copyright, with all rights reserved.


Contact : Library Information Section, Japan Advanced Institute of Science and Technology