A Link Between Integrals and Higher-Order Integrals of SPN Ciphers

  • Li, Ruilin (School of Electronic Science and Engineering, National University of Defense Technology) ;
  • Sun, Bing (Department of Mathematics and System Science, Science College, National University of Defense Technology) ;
  • Li, Chao (Department of Mathematics and System Science, Science College, School of Computer, National University of Defense Technology)
  • Received : 2011.10.06
  • Accepted : 2012.05.03
  • Published : 2013.02.01

Abstract

Integral cryptanalysis, which is based on the existence of (higher-order) integral distinguishers, is a powerful cryptanalytic method for evaluating the security of modern block ciphers. In this paper, we focus on substitution-permutation network (SPN) ciphers and propose a criterion that characterizes when an r-round integral distinguisher can be extended to an (r+1)-round higher-order integral distinguisher. This criterion, which builds a link between integrals and higher-order integrals of SPN ciphers, is based on the direct decomposition of the linear space defined by the linear mapping of the cipher. It can be used directly to unify the procedure for finding 4-round higher-order integral distinguishers of AES and ARIA, and it can be extended to analyze higher-order integral distinguishers of other block cipher structures. We hope that the criterion will benefit cryptanalysts and lead to better cryptanalytic results.
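The abstract states the criterion only at a high level, and the paper's exact statement is not on this page. The following added example (not code from the paper, and not the authors' own formulation) therefore shows the standard 4-round argument for AES that the abstract says the criterion unifies, scaled down to a toy AES-like SPN with a 4x4 state of 4-bit cells so that it runs in seconds. The 3-round integral takes its 16 inputs from a one-cell subspace W_j. The linear layer L = MC∘SR of the first round maps the 4-cell diagonal subspace onto the direct sum W_0 + W_1 + W_2 + W_3 of the four one-cell subspaces of one column, so the 16^4-text set, after one round, is a disjoint union of 16^3 cosets of a 3-round integral, and its XOR-sum after 4 rounds is zero. The S-box (PRESENT's), the MixColumns matrix, the cell layout, the constant BASE and the round keys are constructed choices; integral properties hold for any key.

```python
# Added example, not code from the paper: toy small-scale AES-like SPN (4x4 state
# of 4-bit cells) showing how a 3-round integral extends to a 4-round higher-order
# integral.  S-box, MixColumns matrix, layout, constants and keys are constructed.

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def gf16_mul(a, b):
    """Multiplication in GF(2^4) modulo x^4 + x + 1 (0x13)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & 0x10:
            a ^= 0x13
    return r & 0xF


MUL2 = [gf16_mul(2, x) for x in range(16)]
MUL3 = [gf16_mul(3, x) for x in range(16)]

# Column-major layout as in AES: cell (row r, column c) sits at index 4*c + r.
# ShiftRows rotates row r left by r positions.
SR_PERM = [4 * ((c + r) % 4) + r for c in range(4) for r in range(4)]

# Constructed round keys: whitening key plus 4 round keys, 16 nibbles each.
ROUND_KEYS = [[(9 * r + 3 * i + 5) & 0xF for i in range(16)] for r in range(5)]

BASE = [0x7] * 16  # constructed constant part of every plaintext


def sub_cells(s):
    return [SBOX[x] for x in s]


def shift_rows(s):
    return [s[i] for i in SR_PERM]


def mix_columns(s):
    """circ(2,3,1,1) over GF(2^4).  Every entry is nonzero and the matrix is
    invertible (2^3^1^1 = 1 != 0); those two facts are all the argument uses."""
    out = []
    for c in range(0, 16, 4):
        a0, a1, a2, a3 = s[c:c + 4]
        out += [MUL2[a0] ^ MUL3[a1] ^ a2 ^ a3,
                a0 ^ MUL2[a1] ^ MUL3[a2] ^ a3,
                a0 ^ a1 ^ MUL2[a2] ^ MUL3[a3],
                MUL3[a0] ^ a1 ^ a2 ^ MUL2[a3]]
    return out


def add_key(s, k):
    return [a ^ b for a, b in zip(s, k)]


def encrypt(p, nrounds):
    """Whitening key, then nrounds full rounds of SB -> SR -> MC -> AK."""
    s = add_key(p, ROUND_KEYS[0])
    for r in range(1, nrounds + 1):
        s = add_key(mix_columns(shift_rows(sub_cells(s))), ROUND_KEYS[r])
    return s


def xor_sum(states):
    acc = [0] * 16
    for s in states:
        acc = [a ^ b for a, b in zip(acc, s)]
    return acc


def one_cell_set(cell):
    """16 plaintexts: `cell` takes every nibble value, all other cells are constant
    (a coset of the one-cell subspace W_cell, the input of the 3-round integral)."""
    return [BASE[:cell] + [v] + BASE[cell + 1:] for v in range(16)]


def diagonal_set():
    """16^4 plaintexts: diagonal cells (r, r), indices 0, 5, 10, 15, take every
    combination of values; all other cells are constant."""
    out = []
    for v in range(1 << 16):
        p = list(BASE)
        p[0], p[5], p[10], p[15] = v >> 12, (v >> 8) & 0xF, (v >> 4) & 0xF, v & 0xF
        out.append(p)
    return out


def integral_sums(cell, nrounds):
    """Per-cell XOR-sum over one_cell_set(cell) after nrounds rounds.
    All zero (balanced) for nrounds = 3; the extra S-box layer breaks it at 4."""
    return xor_sum(encrypt(p, nrounds) for p in one_cell_set(cell))


def round1_maps_diagonal_onto_column_sum():
    """The link: after one round the diagonal set is exactly 'column 0 takes all
    16^4 values, the other 12 cells are constant', a coset of W_0 + W_1 + W_2 + W_3.
    Fixing three cells of that column and varying the fourth gives 16^3 disjoint
    one-cell sets, each the input of a 3-round integral over rounds 2..4."""
    imgs = [encrypt(p, 1) for p in diagonal_set()]
    column0 = {tuple(s[:4]) for s in imgs}
    rest_constant = all(s[4:] == imgs[0][4:] for s in imgs)
    return len(column0) == 1 << 16 and rest_constant


def higher_order_integral_sums():
    """Per-cell XOR-sum after 4 rounds over the 16^4 diagonal set: a sum over
    16^3 cosets, each balanced after rounds 2..4, hence all zero."""
    return xor_sum(encrypt(p, 4) for p in diagonal_set())


if __name__ == "__main__":
    print("3-round integral balanced:", integral_sums(0, 3) == [0] * 16)
    print("same 16 texts, 4 rounds balanced:", integral_sums(0, 4) == [0] * 16)
    print("round 1 gives W_0+W_1+W_2+W_3:", round1_maps_diagonal_onto_column_sum())
    print("4-round higher-order balanced:", higher_order_integral_sums() == [0] * 16)
```

The only properties of the linear layer the script relies on are that every MixColumns entry is nonzero (one active cell makes its whole column active) and that the column map is invertible (the image of the diagonal subspace is the full direct sum of the column's one-cell subspaces). That is what makes the same reasoning transfer to other SPN linear layers, which is the generality the abstract claims for the criterion; ARIA's byte-permutation-based diffusion layer needs the same kind of direct-sum decomposition with its own subspaces.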
