Cryptanalysis of block ciphers and weight divisibility of some binary codes

Authors

  • Anne Canteaut
  • Pascale Charpin
  • Marion Videau
Abstract

The resistance of an iterated block cipher to most classical attacks can be quantified by some properties of its round function. The involved parameters (nonlinearity, degrees of the derivatives...) for a function $F$ from $\mathbb{F}_2^m$ into $\mathbb{F}_2^m$ are related to the weight distribution of a binary linear code $C_F$ of length $2^m - 1$ and dimension $2m$. In particular, the weight divisibility of $C_F$ appears as an important criterion in the context of linear cryptanalysis and of higher-order differential attacks. When the round function $F$ is a power permutation over $\mathbb{F}_{2^m}$, the associated code $C_F$ is the dual of a primitive cyclic code with two zeroes. Therefore, McEliece’s theorem provides a powerful tool for evaluating the resistance of some block ciphers to linear and higher-order differential attacks.


Similar resources

A new method for accelerating impossible differential cryptanalysis and its application on LBlock

Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In ...


Algebraic construction of cryptographically good binary linear transformations

Maximum Distance Separable (MDS) and Maximum Distance Binary Linear (MDBL) codes are used as diffusion layers in the design of the well-known block ciphers like the Advanced Encryption Standard, Khazad, Camellia, and ARIA. The reason for the use of these codes in the design of block ciphers is that they provide optimal diffusion effect to meet security of a round function of a block cipher. On the...


Impossible Differential Cryptanalysis of Reduced-Round Midori64 Block Cipher (Extended Version)

Impossible differential attack is a well-known means to examine robustness of block ciphers. Using impossible differential cryptanalysis, we analyze security of a family of lightweight block ciphers, named Midori, that are designed considering low energy consumption. Midori state size can be either 64 bits for Midori64 or 128 bits for Midori128; however, both vers...


Biclique Cryptanalysis of Block Ciphers LBlock and TWINE-80 with Practical Data Complexity

In the biclique attack, a shorter biclique usually results in less data complexity, but at the expense of more computational complexity. The early abort technique can be used in partial matching part of the biclique attack in order to slightly reduce the computations. In this paper, we make use of this technique, but instead of slight improvement in the computational complexity, we keep the amo...


Cryptanalysis of Some Hash Functions Based on Block Ciphers and Codes

At PKC 2000, Inoue and Sakurai proposed some methods to design hash functions from block ciphers and codes (block codes and convolutional codes). They claimed that their hash functions are secure: encryptions are necessary to find a collision, where and are the minimal distance of the code and the block size of block cipher, respectively. However, we show in this paper that a collision could be...



Publication date: 2006