Abstract
Inspired by the works of Nyberg and Knudsen, the wide trail strategy suggests to ensure that the number of active S-boxes in a differential characteristic or a linear approximation is sufficiently high, thus, offering security against differential and linear attacks. Many cipher designers are relying on this strategy, and most new designs include analysis based on counting the number of active S-boxes. Unfortunately, this analysis is not always accurate and needs to be performed in a very delicate manner. To counter the common approach, we give an example of a 4-round Feistel construction with a very large number of active S-boxes that is expected to resist differential and linear cryptanalysis. However, we show that S-box counting arguments are insufficient in cases where one can find many differential characteristics with the same input and output difference. Namely, we show for a “provably” secure 128-bit block, 4-round Feistel with at least 36 active AES S-boxes, that one can construct differential characteristics with probability 2- 118 much higher than the bound of 2- 216. Even if we compare this 4-round Feistel construction to a random permutation we obtain a 10x factor in the probability of the characteristic.
Original language | English |
---|---|
Title of host publication | Progress in Cryptology – INDOCRYPT 2020 - 21st International Conference on Cryptology in India 2020, Proceedings |
Editors | Karthikeyan Bhargavan, Elisabeth Oswald, Manoj Prabhakaran |
Publisher | Springer Science and Business Media Deutschland GmbH |
Pages | 332-344 |
Number of pages | 13 |
ISBN (Print) | 9783030652760 |
DOIs | |
State | Published - 2020 |
Event | 21st International Conference on Cryptology in India, INDOCRYPT 2020 - Bangalore, India Duration: 13 Dec 2020 → 16 Dec 2020 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 12578 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 21st International Conference on Cryptology in India, INDOCRYPT 2020 |
---|---|
Country/Territory | India |
City | Bangalore |
Period | 13/12/20 → 16/12/20 |
Bibliographical note
Publisher Copyright:© Springer Nature Switzerland AG 2020.
Keywords
- Differential cryptanalysis
- Feistel ciphers
- Wide trail
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science