A New Method for Finding Impossible Differentials of Generalized Feistel Structures

Impossible differential cryptanalysis is one of the most powerful attacks against modern block ciphers. In most cases, the resistance of a block cipher against impossible differential cryptanalysis can be measured by the length of the longest impossible differentials. By taking a closer look into th...

Full description

Saved in:
Bibliographic Details
Published in:Chinese Journal of Electronics 2018-07, Vol.27 (4), p.728-733
Main Authors: Cui, Ting, Jin, Chenhui, Ma, Jing
Format: Article
Language:English
Subjects:
cryptography
Differential style
famous block cipher structures
Generalized Feistel structure
generalized feistel structures
Impossible differential
impossible differential cryptanalysis
modern block ciphers
nonzero point
Nonzero point method
substitution‐permutation round functions
word‐oriented generalized Feistel structures
Citations: Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Impossible differential cryptanalysis is one of the most powerful attacks against modern block ciphers. In most cases, the resistance of a block cipher against impossible differential cryptanalysis can be measured by the length of the longest impossible differentials. By taking a closer look into the round function, we present a new method to find longer impossible differentials of wordoriented generalized Feistel structures. We conclude the existence of impossible differentials by the nonzero points of the XOR-ed masked differences in the middle round. This method uses differential style and its nonzero point to find the impossible differential, which is much easier than the classical impossible differential searching method. By applying our method, we can find several longest impossible differentials of some famous block cipher structures with SP (Substitution-permutation) round functions. If some extra conditions of the round function are taken into consideration (e.g. the permutation layer is designed as binary matrix or some sparse matrix), longer impossible differentials could be achieved by our method.
ISSN:1022-4653
2075-5597
DOI:10.1049/cje.2018.04.002