Distinguishers for 4-Branch and 8-Branch Generalized Feistel Network
Reads0
Chats0
TLDR
It is concluded that eight-branch type-2 generalized Feistel network (GFN) with SSP functions is weaker than four-br branch type-two GFN with DSP functions in the KKA model.Abstract:
In this paper, we present an eight round distinguisher for four-branch type-2 generalized Feistel network (GFN) with double-SP (DSP) functions and two distinguishers for eight-branch type-2 GFN with single-SP (SSP) functions in a known key attack (KKA) model. We improved the result presented by Sasaki in Indocrypt 2012 by extending the number of rounds attacked from seven to eight for four-branch GFN. Furthermore, for eight-branch type-2 GFN with SSP functions, we present the first known key distinguishers. Our attack works up to 15 rounds of this GFN for all practical parameters. Subsequently, we extend the attack to 17 rounds for the same GFN, which works for most practical parameters. On the basis of our second result and the number of rounds attacked, we conclude that eight-branch type-2 GFN with SSP functions is weaker than four-branch type-two GFN with DSP functions in the KKA model. We apply rebound attack technique to mount all three distinguishers. However, a limitation of all the distinguishers presented in this paper is that they are useful only if the input size of S-boxes in bits is greater than or equal to the number of S-boxes in one S-box layer.read more
Citations
More filters
Double-SP is weaker than single-SP: Rebound attacks on feistel ciphers with several rounds
TL;DR: In this paper, the authors presented rebound attacks on generalized Feistel networks with double-SP functions, and showed that double SP functions are weaker than single SP functions when a number of rounds is small.
Book ChapterDOI
Mutual Information and Machine Learning Based Distinguishers for Pseudo Random Bit Sequences
TL;DR: It is observed that pseudo random bit sequences of four block ciphers in ECB mode are distinguishable with more than 99% accuracy as compared to CBC and OFB mode.
Proceedings ArticleDOI
Piecewise-linear Modelling of CMOS Gates Propagation Delay as a Function of PVT Variations and Aging
TL;DR: In this paper, a simulation-based methodology that incorporates the aging phenomena is presented to address the reliability aspects during the design phase and pave the way for further life-time projections at the design stage.
References
More filters
Book ChapterDOI
Linear cryptanalysis method for DES cipher
TL;DR: A new method is introduced for cryptanalysis of DES cipher, which is essentially a known-plaintext attack, that is applicable to an only-ciphertext attack in certain situations.
Journal ArticleDOI
Differential cryptanalysis of DES-like cryptosystems
Eli Biham,Adi Shamir +1 more
TL;DR: A new type of cryptanalytic attack is developed which can break the reduced variant of DES with eight rounds in a few minutes on a personal computer and can break any reduced variantof DES (with up to 15 rounds) using less than 256 operations and chosen plaintexts.
Book ChapterDOI
HIGHT: a new block cipher suitable for low-resource device
Deukjo Hong,Jaechul Sung,Seokhie Hong,Jongin Lim,Sangjin Lee,Bon-Seok Koo,Changhoon Lee,Donghoon Chang,Jesang Lee,Kitae Jeong,Hyun Kim,Jongsung Kim,Seongtaek Chee +12 more
TL;DR: This paper proposes a new block cipher HIGHT with 64-bit block length and 128-bit key length, which provides low-resource hardware implementation, which is proper to ubiquitous computing device such as a sensor in USN or a RFID tag.
Book ChapterDOI
The 128-Bit Blockcipher CLEFIA (Extended Abstract)
TL;DR: A new 128-bit blockcipher CLEFIA supporting key lengths of 128, 192 and 256 bits, which is compatible with AES is proposed, which achieves enough immunity against known attacks and flexibility for efficient implementation in both hardware and software.
Book ChapterDOI
The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl
TL;DR: The rebound attack consists of an inbound phase with a match-in-the-middle part to exploit the available degrees of freedom in a collision attack to efficiently bypass the low probability parts of a differential trail.