Impossible Differential Cryptanalysis on Feistel Ciphers with SP and SPS Round Functions
Impossible differential cryptanalysis is well known to be ef fective in analyzing the security of block ciphers. Known result shows that there always exists 5-round impossible differentials of a Feistel cipher with bijective round function. However, if more details of the round func tion are known, the result could be improved. This paper mainly studies the impossible differentials of Feistel ciphers with both SP and SPS round fimctions where the linear transformation P is defined over F2n×n. For Feistel ciphers with SP round functions, any column of P ⊕ p-1 whose Hamming weight is greater than 1 corresponds to some 6-round impossible differentials. The existence of some 7round impossible dif ferentials can be determined by counting the times that 1 appears at somc special positions of P and p-1. Some 8-round impossible differ entials can be found by computing the rank of some sub-matrix of P. Impossible differentials of Camellia found by these techniques are well consistent with previously known results. For Feistel ciphers with SPS round functions, by determining the rank of some submatrix of P, 6round impossible differentials can be found, which improves the results . On E2 by one round. These results tell that when designing a Feistel ci pher with SP or SPS round filnction where the diffusion layer is selected from F2n×n, the linear transformation should be chosen carefully to make the cipher secure against impossible differential cryptanalysis.
Block cipher Feistel cipher Impossible differential
Yuechuan Wei Ping Li Bing Sun Chao Li
School of Computer Science, National University of Defense Technology,Changsha, China, 410073 Science College of National University of Defense Technology,Changsha, China, 410073 School of Computer Science, National University of Defense Technology,Changsha, China, 410073 Scienc
国际会议
8th International Conference,ACNS 2010(第八届国际应用密码与网络安全大会)
北京
英文
105-122
2010-06-22(万方平台首次上网日期,不代表论文的发表时间)