
Known-key distinguishers on type-1 Feistel scheme and near-collision attacks on its hashing modes

  • Research Article
  • Journal: Frontiers of Computer Science

Abstract

We present known-key distinguishers for a type-1 Feistel scheme with a permutation as the round function. Specifically, 29-round known-key truncated differential distinguishers are given for the 256-bit type-1 Feistel scheme with an SP (substitution-permutation) round function by using the rebound attack, where the S-boxes have perfect differential and linear properties and the linear diffusion layer has a maximum branch number. For two 128-bit versions, the distinguishers can be applied to 25-round structures. Based on these distinguishers, we construct near-collision attacks on these schemes in the MMO (Matyas-Meyer-Oseas) and MP (Miyaguchi-Preneel) hashing modes, and propose 26-round and 22-round near-collision attacks for the two 256-bit schemes and the two 128-bit schemes, respectively. We apply the near-collision attack to MAME and obtain a 26-round near-collision attack. Using the algebraic degree and some integral properties, we prove the correctness of the 31-round known-key integral distinguisher proposed by Sasaki et al. We show that if the round function is a permutation, the integral distinguisher applies to a type-1 Feistel scheme of any size.
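The abstract names three constructions without spelling them out: a type-1 Feistel scheme (the Zheng-Matsumoto-Imai generalized Feistel of reference 16) whose round function is a key-mixed SP permutation, and the MMO and MP hashing modes built on top of it. The Python below is an added example written for this page, not code from the paper or its authors. It builds a toy 64-bit, four-branch instance with 16-bit branches; the 4-bit S-box (PRESENT's, used as a stand-in), the nibble-wise linear layer, the key schedule, the round counts and all constants are this example's own assumptions and not the paper's parameters. It checks that the round function is a bijection, implements both hashing modes with the chaining value as the cipher key, and then runs the basic integral experiment the abstract's last sentence rests on: with one branch taking all 2^16 values, the permutation property keeps every output branch "all-valued" for three rounds and leaves the fourth-round branch that receives the XOR of two bijective images balanced (XOR sum zero). How far this toy's property extends says nothing about the paper's 31-round result, which depends on the algebraic-degree argument the abstract mentions.

```python
"""Toy type-1 Feistel scheme with an SP round function, plus MMO and MP hashing modes.
Added example for this page; S-box, linear layer, key schedule and constants are
this example's own choices (assumptions), not the paper's parameters.
"""
from functools import reduce

BRANCH_BITS = 16                        # one branch = four 4-bit S-box inputs
BRANCH_MASK = (1 << BRANCH_BITS) - 1
BRANCHES = 4                            # type-1 scheme on four branches: 64-bit block

# PRESENT's 4-bit S-box, a stand-in for the paper's S-box (assumption).
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def s_layer(x):
    """Apply SBOX to each of the four nibbles of a 16-bit branch."""
    out = 0
    for i in range(4):
        out |= SBOX[(x >> (4 * i)) & 0xF] << (4 * i)
    return out


def p_layer(x):
    """Nibble-wise linear layer y_i = x_i ^ x_{i+1} ^ x_{i+2} (indices mod 4).
    Its GF(2) matrix is circulant with polynomial 1 + x + x^2, which is coprime to
    x^4 + 1, so the layer is invertible and SP as a whole is a bijection (checked below)."""
    n = [(x >> (4 * i)) & 0xF for i in range(4)]
    out = 0
    for i in range(4):
        out |= (n[i] ^ n[(i + 1) % 4] ^ n[(i + 2) % 4]) << (4 * i)
    return out


# Key-independent part of the round function F(x, k) = SP(x ^ k), tabulated once.
SP_TABLE = [p_layer(s_layer(x)) for x in range(1 << BRANCH_BITS)]


def round_function_is_permutation():
    """The property the abstract's integral result needs: x -> SP(x ^ k) is a bijection."""
    return len(set(SP_TABLE)) == 1 << BRANCH_BITS


def round_keys(key, rounds):
    """Toy key schedule (assumption): 16-bit chunks of the 64-bit key, mixed with the round index."""
    return [((key >> (16 * (r % 4))) & BRANCH_MASK) ^ r for r in range(rounds)]


def split(block):
    """64-bit block -> four 16-bit branches, branch 0 most significant."""
    return [(block >> (BRANCH_BITS * (BRANCHES - 1 - i))) & BRANCH_MASK for i in range(BRANCHES)]


def join(branches):
    return reduce(lambda acc, b: (acc << BRANCH_BITS) | b, branches, 0)


def encrypt(key, block, rounds):
    """Type-1 round: F acts on branch 0, is XORed into branch 1, then the branches rotate left."""
    x = split(block)
    for k in round_keys(key, rounds):
        x = [x[1] ^ SP_TABLE[x[0] ^ k]] + x[2:] + [x[0]]
    return join(x)


def decrypt(key, block, rounds):
    """Inverse round: rotate right, then cancel F using the branch that was F's input."""
    x = split(block)
    for k in reversed(round_keys(key, rounds)):
        x0 = x[-1]
        x = [x0, x[0] ^ SP_TABLE[x0 ^ k]] + x[1:-1]
    return join(x)


def mmo_compress(h, m, rounds):
    """Matyas-Meyer-Oseas: h_i = E_{h_{i-1}}(m_i) ^ m_i (the chaining value is the key)."""
    return encrypt(h, m, rounds) ^ m


def mp_compress(h, m, rounds):
    """Miyaguchi-Preneel: h_i = E_{h_{i-1}}(m_i) ^ m_i ^ h_{i-1}."""
    return encrypt(h, m, rounds) ^ m ^ h


def hash_blocks(blocks, compress, rounds, iv):
    """Iterate a compression function over 64-bit message blocks (toy: no padding)."""
    return reduce(lambda h, m: compress(h, m, rounds), blocks, iv)


def integral_profile(key, rounds):
    """Encrypt all 2^16 plaintexts whose branch 0 takes every value while branches 1..3
    are fixed constants; classify each output branch as ALL (every value occurs),
    BALANCED (XOR sum zero) or NONE."""
    consts = [0x1234, 0xABCD, 0x0F0F]           # constructed constants for branches 1..3
    seen = [set() for _ in range(BRANCHES)]
    xor_sum = [0] * BRANCHES
    for a in range(1 << BRANCH_BITS):
        for i, b in enumerate(split(encrypt(key, join([a] + consts), rounds))):
            seen[i].add(b)
            xor_sum[i] ^= b
    return ["ALL" if len(seen[i]) == 1 << BRANCH_BITS
            else "BALANCED" if xor_sum[i] == 0 else "NONE"
            for i in range(BRANCHES)]


if __name__ == "__main__":
    key = 0x0123456789ABCDEF                   # constructed key / chaining value
    print("round function is a permutation:", round_function_is_permutation())
    msg = [0x1111111122222222, 0x3333333344444444]   # constructed message blocks
    print("MMO:", hex(hash_blocks(msg, mmo_compress, 12, key)))
    print("MP: ", hex(hash_blocks(msg, mp_compress, 12, key)))
    for r in (3, 4, 5):
        print(f"{r} rounds, branch 0 active:", integral_profile(key, r))
```

The integral experiment is a chosen-plaintext check, so it needs no key knowledge; the known-key setting of the paper is what lets the distinguisher be pushed far beyond what such a naive set reaches. The MMO and MP outputs for the same input differ by exactly the chaining value, which is the only difference between the two modes.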


References

  1. Knudsen L R, Rijmen V. Known-key distinguishers for some blockciphers. In: Proceedings of the 13th International Conference on the Theory and Application of Cryptology and Information Security. 2007, 315–324

  2. Smid M E, Branstad D K. Data encryption standard: past and future. Proceedings of the IEEE, 1988, 76(5): 550–559

  3. Schneier B. Description of a new variable-length key, 64-bit block cipher (Blowfish). Lecture Notes in Computer Science, 1994, 809: 191–204

  4. Kazumaro A, Tetsuya I, Masayuki K, Mitsuru M, Shiho M, Junko N, Toshio T. Camellia: a 128-bit block cipher suitable for multiple platforms: design and analysis. In: Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography. 2001, 39–56

  5. Wallen J. Design principles of the KASUMI block cipher. Proceedings of the Helsinki University of Technology Seminar on Network Security, 2000

  6. Rivest R L. The RC5 encryption algorithm. In: Proceedings of the 2nd International Workshop on Fast Software Encryption. 1995, 86–96

  7. Wu W, Zhang L. LBlock: a lightweight block cipher. In: Proceedings of the 9th International Conference on Applied Cryptography and Network Security. 2011, 327–344

  8. Mendel F, Rechberger C, Schläffer M, Thomsen S S. The rebound attack: cryptanalysis of reduced Whirlpool and Grøstl. In: Proceedings of the 16th International Workshop on Fast Software Encryption. 2009, 260–276

  9. Sasaki Y, Yasuda K. Known-key distinguishers on 11-round Feistel and collision attacks on its hashing modes. In: Proceedings of the 18th International Workshop on Fast Software Encryption. 2011, 397–415

  10. Sasaki Y, Emami S, Hong D, Kumar A. Improved known-key distinguishers on Feistel-SP ciphers and application to Camellia. In: Proceedings of the 17th Australasian Conference on Information Security and Privacy. 2012, 87–100

  11. Minier M, Phan R C W, Pousse B. Distinguishers for ciphers and known key attack against Rijndael with large blocks. Lecture Notes in Computer Science, 2009, 5580: 60–76

  12. Lamberger M, Mendel F, Rechberger C, Rijmen V, Schläffer M. Rebound distinguishers: results on the full Whirlpool compression function. In: Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security. 2009, 126–143

  13. Wu S, Feng D, Wu W. Cryptanalysis of the LANE hash function. In: Proceedings of the 16th Annual International Workshop on Selected Areas in Cryptography. 2009, 126–140

  14. Gilbert H, Peyrin T. Super-Sbox cryptanalysis: improved attacks for AES-like permutations. In: Proceedings of the 17th International Workshop on Fast Software Encryption. 2010, 365–383

  15. Dong L, Wu W, Wu S, Zou J. Known-key distinguisher on round-reduced 3D block cipher. In: Proceedings of the 12th International Workshop on Information Security Applications. 2011, 55–69

  16. Zheng Y, Matsumoto T, Imai H. On the construction of block ciphers provably secure and not relying on any unproved hypotheses. Lecture Notes in Computer Science, 1989, 435: 461–480

  17. Adams C, Tavares S, Heys H, Wiener M. The CAST-256 encryption algorithm. Submission to AES competition, 1998

  18. Yoshida H, Watanabe D, Okeya K, Kitahara J, Wu H, Küçük Ö, Preneel B. MAME: a compression function with reduced hardware requirements. In: Proceedings of the 9th International Workshop on Cryptographic Hardware and Embedded Systems. 2007, 148–165

  19. Hirose S, Kuwakado H, Yoshida H. SHA-3 proposal: Lesamnta. Submission to NIST, 2008

  20. Bouillaguet C, Dunkelman O, Leurent G, Fouque P A. Lecture Notes in Computer Science, 2010, 6544: 18–35

  21. Sasaki Y, Aoki K. Improved integral analysis on tweaked Lesamnta. In: Proceedings of the 14th International Conference on Information Security and Cryptology. 2011, 1–17

  22. Peyrin T. Improved differential attacks for ECHO and Grøstl. In: Proceedings of the 30th Annual Cryptology Conference. 2010, 370–392

  23. Mendel F, Peyrin T, Rechberger C, Schläffer M. Improved cryptanalysis of the reduced Grøstl compression function, ECHO permutation and AES block cipher. Lecture Notes in Computer Science, 2009, 5867: 16–35

  24. Matusiewicz K, Naya-Plasencia M, Nikolic I, Sasaki Y, Schläffer M. Rebound attack on the full LANE compression function. In: Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security. 2009, 106–125

  25. Mendel F, Rechberger C, Schläffer M. Cryptanalysis of Twister. In: Proceedings of the 7th International Conference on Applied Cryptography and Network Security. 2009, 342–353

  26. Rijmen V, Toz D, Varici K. Rebound attack on reduced-round versions of JH. In: Proceedings of the 17th International Workshop on Fast Software Encryption. 2010, 286–303

  27. Naya-Plasencia M, Toz D, Varici K. Rebound attack on JH42. In: Proceedings of the 17th International Conference on the Theory and Application of Cryptology and Information Security. 2011, 252–269

  28. Wu S, Feng D, Wu W. Practical rebound attack on 12-round Cheetah-256. In: Proceedings of the 12th Annual International Conference on Information Security and Cryptology. 2009, 300–314

  29. Khovratovich D, Naya-Plasencia M, Röck A, Schläffer M. Cryptanalysis of Luffa v2 components. In: Proceedings of the 17th International Workshop on Selected Areas in Cryptography. 2010, 388–409

  30. Daemen J, Knudsen L R, Rijmen V. The block cipher Square. In: Proceedings of the 4th International Workshop on Fast Software Encryption. 1997, 149–165

  31. Ferguson N, Kelsey J, Lucks S, Schneier B, Stay M, Wagner D, Whiting D. Improved cryptanalysis of Rijndael. In: Proceedings of the 7th International Workshop on Fast Software Encryption. 2000, 213–230

  32. Galice S, Minier M. Improving integral attacks against Rijndael-256 up to 9 rounds. Lecture Notes in Computer Science, 2008, 5023: 1–15

  33. Knudsen L R, Wagner D. Integral cryptanalysis. In: Proceedings of the 9th International Workshop on Fast Software Encryption. 2002, 112–127

  34. Preneel B, Govaerts R, Vandewalle J. Hash functions based on block ciphers: a synthetic approach. Lecture Notes in Computer Science, 1993, 773: 368–378

  35. Black J, Rogaway P, Shrimpton T. Black-box analysis of the blockcipher-based hash-function constructions from PGV. Lecture Notes in Computer Science, 2002, 2442: 320–335

  36. Yu X, Wenling W. Cryptanalysis of MAME compression function. In: Proceedings of the 2010 International Conference on Computer Design and Applications. 2010, 5: 602–605

Author information

Corresponding author

Correspondence to Le Dong.

Additional information

Le Dong is a lecturer at Henan Normal University, China. He received his PhD from the Institute of Software, Chinese Academy of Sciences in 2013, and his MS and BS from Zhengzhou University in 2006 and 2003, respectively. His research interests include cryptanalysis of hash functions and block ciphers.

Wenling Wu is a researcher and PhD supervisor at the Institute of Software, Chinese Academy of Sciences. She received her PhD from Xidian University in 1997, and her MS and BS from Northwest University in 1990 and 1987, respectively. Her research interests are cryptanalysis and the design of block ciphers.

Shuang Wu is a research associate at the Institute of Software, Chinese Academy of Sciences. He received his PhD from the Chinese Academy of Sciences in 2011, and his BS from Tsinghua University in 2005. His research interests are cryptanalysis and the design of hash functions.

Jian Zou is a PhD candidate at the Institute of Software, Chinese Academy of Sciences. He received his BS from Central China Normal University in 2009. His research interests are cryptanalysis and the design of hash functions.

Cite this article

Dong, L., Wu, W., Wu, S. et al. Known-key distinguishers on type-1 Feistel scheme and near-collision attacks on its hashing modes. Front. Comput. Sci. 8, 513–525 (2014). https://doi.org/10.1007/s11704-014-2412-7
