Toward the True Random Cipher: On Expected Linear Probability Values for SPNs with Randomly Selected S-Boxes
نویسندگان
چکیده
A block cipher, which is an important cryptographic primitive, is a bijective mapping from {0, 1} to {0, 1} (N is called the block size), parameterized by a key. In the true random cipher, each key results in a distinct mapping, and every mapping is realized by some key—this is generally taken to be the ideal cipher model. We consider a fundamental block cipher architecture called a substitution-permutation network (SPN). Specifically, we investigate expected linear probability (ELP) values for SPNs, which are the basis for a powerful attack called linear cryptanalysis. We show that if the substitution components (s-boxes) of an SPN are randomly selected, then the expected value of any ELP entry converges to the corresponding value for the true random cipher, as the number of encryption rounds is increased. This gives quantitative support to the claim that the SPN structure is a practical approximation of the true random cipher.
منابع مشابه
Linear Cryptanalysis of Substitution-Permutation Networks
The subject of this thesis is linear cryptanalysis of substitution-permutation networks (SPNs). We focus on the rigorous form of linear cryptanalysis, which requires the concept of linear hulls. First, we consider SPNs in which the s-boxes are selected independently and uniformly from the set of all bijective n × n s-boxes. We derive an expression for the expected linear probability values of s...
متن کاملOn the Design of Linear Transformations for Substitution Permutation Encryption Networks
In this paper we study the security of Substitution Permutation Encryption Networks (SPNs) with randomly selected bijective substitution boxes and a randomly selected invertible linear transformation layer. In particular, our results show that for such a 64–bit SPN using 8 8 s-boxes, the number of s-boxes involved in any 2 rounds of a linear approximation or a differential characteristic is equ...
متن کاملProvable Security of Substitution-Permutation Networks
Many modern block ciphers are constructed based on the paradigm of substitution-permutation networks (SPNs). But, somewhat surprisingly—especially in comparison with Feistel networks, which have been analyzed by dozens of papers going back to the seminal work of Luby and Rackoff—there are essentially no provable-security results about SPNs. In this work, we initiate a comprehensive study of the...
متن کاملOn the Design of Secure Block Ciphers
In this paper, we examine a class of block ciphers referred to as substitutionpermutation networks or SPNs. We assert that the basic SPN architecture can be used to provide an efficient implementation of a secure block cipher if the system S-boxes are carefully selected and connected with an appropriate linear transformation. Specifically, it is shown that S-boxes which possess good diffusion a...
متن کاملOn the Number Of Nonlinear Regular S-boxes
A. M. Youssef and S. E. Tavares Department Of Electrical and Computer Engineering Queen’s University Kingston, Ontario, Canada, K7L 3N6 Phone : (613) 545–2945 Fax : (613) 545–6615 email : [email protected] Indexing terms: Cryptography, Private-key cryptosystems, Substitution boxes, Combinatorics. Abstract Nonlinearity is a crucial requirement for the substitution boxes in secure block ciphe...
متن کامل