Cryptanalysis of Symmetric Block Ciphers Based on the Feistel Network with Non-bijective S-boxes in the Round Function
نویسنده
چکیده
We consider ciphertext-only attack on symmetric block ciphers based on the Feistel network with secret S-boxes installed as an additional parameter, like in Soviet GOST 28147-89. In case when Sboxes are generated by authorized agency and cannot be verified by end-user of the cipher (e.g., in case of special equipment for encryption), application of non-bijective S-boxes allows significantly decrease deciphering complexity for authorized agency preserving high-level strength for other cryptanalysts. We show that it is necessary to have non-bijective S-boxes which outputs form non-trivial subgroup and give an example for deciphering complexity with known and secret non-bijective S-boxes for GOST.
منابع مشابه
KronCrypt - A New Symmetric Cryptosystem Based on Kronecker's Approximation Theorem
In this paper we show how to use an old mathematical concept of diophantine analysis, the approximation theorem of Kronecker, in symmetric cryptography. As a first practical application we propose and analyze the new symmetric 128-bit block cipher KronCrypt. The cipher is a 4-round Feistel network with a non-bijective round function f made up of a variable number of large key-dependent S-boxes,...
متن کاملCryptanalysis of a Generalized Unbalanced Feistel Network Structure
This paper reevaluates the security of GF-NLFSR, a new kind of generalized unbalanced Feistel network structure that was proposed at ACISP 2009. We show that GF-NLFSR itself reveals a very slow diffusion rate, which could lead to several distinguishing attacks. For GF-NLFSR containing n sub-blocks, we find an n-round integral distinguisher by algebraic methods and further use this integral to c...
متن کاملAnalysis and design of block cipher constructions
This thesis is dedicated to symmetric cryptographic algorithms. The major focus of the work is on block ciphers themselves as well as on hash functions and message authentication codes based on block ciphers. Three main approaches to the cryptanalysis of symmetric cryptographic algorithms are pursued. First, several block cipher constructions are analyzed mathematically using statistical crypta...
متن کاملPractical Security against Differential Cryptanalysis for Extended Feistel Network
Immunity against differential cryptanalysis is an important measure in designing symmetric ciphers. Practical security is a measure to evaluate this immunity by estimating the minimum number of differential active s-boxes. A cipher with more sboxes is said to have better immunity against differential cryptanalysis. In this paper, we evaluate the immunity of three types of Extended Feistel Netwo...
متن کاملPractical Security against Differential and Linear Cryptanalysis for SMS4-like Cipher
SMS4, a block cipher which employs a special kind of unbalanced Feistel structure, has been accepted as the Chinese National Standard for securing Wireless LANs. This paper investigates the upper bounds of the maximum differential and linear characteristic probabilities of SMS4like cipher, in order to evaluate the practical security against differential and linear cryptanalysis. In the same way...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2011 شماره
صفحات -
تاریخ انتشار 2011