Abstract
Though unbalanced Feistel networks (UFN) are widely considered an alternative to balanced Feistel networks (BFN) and substitution–permutation networks (SPN) in symmetric cryptography, little is yet known about their resistance to differential and linear cryptanalysis. In this work, we tackle the problem using the example of d-branch SP-type UFNs with contracting MDS diffusion (dCUFN-SP). Under some restrictions on the contracting MDS matrices over multiple rounds, we prove lower bounds on the number of differentially active S-boxes for dCUFN-SP with \(d \in \{3,4\}\) and on the number of linearly active S-boxes for dCUFN-SP with d ≥ 3. As opposed to SPNs and BFNs, the number of differentially active S-boxes for such constructions does not directly translate into an upper bound on the probability of differential trails. We therefore provide a thorough analysis of single-round differentials that yields an upper bound on the probability of a differential trail. It is also shown that the efficiency level of dCUFN-SP is comparable to that of BFNs and SPNs with respect to differential and linear cryptanalysis.
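As an added toy illustration of the structure the abstract describes (this is not code from the paper): a 3-branch contracting SP-type UFN whose F function takes two 8-bit branches through key addition, four 4-bit S-boxes and a 2x4 MDS matrix over GF(2^4), contracting them to a single branch. The PRESENT S-box, the matrix [[1,1,1,1],[1,2,4,8]] and the 8-bit branch size are assumptions chosen for this example; the code checks the matrix is MDS exhaustively, round-trips a block, and counts differentially active S-boxes per round for a chosen input pair.

```python
# Added toy example (not the paper's code): a 3-branch contracting SP-type UFN with
# 8-bit branches; the PRESENT S-box and the 2x4 MDS matrix are assumptions for it.
from functools import reduce

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
MDS = [[1, 1, 1, 1], [1, 2, 4, 8]]  # over GF(2^4); every 1x1 and 2x2 minor is nonzero

def gf16_mul(a, b):  # product in GF(2^4) modulo x^4 + x + 1
    r = 0
    for _ in range(4):
        r ^= a if b & 1 else 0
        a = (a << 1) ^ (0x13 if a & 8 else 0)
        b >>= 1
    return r & 0xF

def nibbles(x, n):  # split x into n 4-bit values, most significant first
    return [(x >> (4 * (n - 1 - i))) & 0xF for i in range(n)]

def mds_contract(v):  # contracting diffusion: 4 input nibbles -> 2 output nibbles
    return [reduce(int.__xor__, [gf16_mul(c, x) for c, x in zip(row, v)]) for row in MDS]

def mds_branch_number():  # exhaustive: min wt(in) + wt(out) over nonzero inputs (MDS: 3)
    best = 6
    for x in range(1, 1 << 16):
        v = nibbles(x, 4)
        best = min(best, sum(1 for n in v + mds_contract(v) if n))
    return best

def round_f(x16, k16):  # SP-type F: key add, four S-boxes, MDS; 16 bits in, 8 bits out
    y = mds_contract([SBOX[n] for n in nibbles(x16 ^ k16, 4)])
    return (y[0] << 4) | y[1]

def round_enc(b, k):  # F reads branches x1||x2; its output is XORed into x0, then rotate
    x0, x1, x2 = b >> 16, (b >> 8) & 0xFF, b & 0xFF
    return (x1 << 16) | (x2 << 8) | (x0 ^ round_f((x1 << 8) | x2, k))

def round_dec(b, k):  # inverse round: the two unchanged branches let F be recomputed
    y0, y1, y2 = b >> 16, (b >> 8) & 0xFF, b & 0xFF
    return ((y2 ^ round_f((y0 << 8) | y1, k)) << 16) | (y0 << 8) | y1

def encrypt(b, keys): return reduce(round_enc, keys, b)
def decrypt(b, keys): return reduce(round_dec, reversed(keys), b)

def active_sboxes(p, q, keys):  # per round: S-boxes whose input difference is nonzero
    counts = []  # the key cancels in the S-layer input difference, so only p ^ q matters
    for k in keys:
        counts.append(sum(1 for n in nibbles((p ^ q) & 0xFFFF, 4) if n))
        p, q = round_enc(p, k), round_enc(q, k)
    return counts
```

For the pair (0, 1), `active_sboxes` starts `[1, 3, ...]`: one S-box is active in the first round, and the MDS contraction (branch number 3) forces both output nibbles of F to differ, so three S-boxes are active in the second round. A difference placed only in x0 gives `[0, 1, 3, ...]`, since that branch does not feed F until it has rotated into position.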
Bogdanov, A. On unbalanced Feistel networks with contracting MDS diffusion. Des. Codes Cryptogr. 59, 35–58 (2011). https://doi.org/10.1007/s10623-010-9462-0