On hidden sums compatible with a given block cipher diffusion layer

Brunetta, Carlo; Calderini, Marco; Sala, Massimiliano

doi:10.1016/j.disc.2018.10.003

Cited by 11 publications

(3 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The c-differential uniformity thus seems to be just a tool to measure the resistance of a cipher against a specific differential attack based on this operation. We want to note that the general form of differential as described in Definition III.1 was analysed in a series of papers [37], [38] with the idea to find specific binary operations that can lead to efficient differential attacks (or, possibly, for a malicious designer, to a "hidden", non-public binary operation that serves as a trapdoor to a cipher resistant against the usual attacks). However, the authors in those papers only analyse a subclass of binary operations that excludes the specific binary operation • that we identified as being related to the c-differential uniformity here.…”

Section: A a General Differential Attackmentioning

confidence: 99%

Differential biases, $c$-differential uniformity, and their relation to differential attacks

Bartoli¹,

Kölsch²,

Micheli³

2022

Preprint

View full text Add to dashboard Cite

Differential cryptanalysis famously uses statistical biases in the propagation of differences in a block cipher to attack the cipher. In this paper, we investigate the existence of more general statistical biases in the differences. To this end, we discuss the c-differential uniformity of S-boxes, which is a concept that was recently introduced in Ellingsen et. al. [IEEE Transactions on Information Theory, vol. 66, no. 9 (2020)] to measure certain statistical biases that could potentially be used in attacks similar to differential attacks. Firstly, we prove that a large class of potential candidates for S-boxes necessarily has large c-differential uniformity for all but at most B choices of c, where B is a constant independent of the size of the finite field q. This result implies that for a large class of functions, certain statistical differential biases are inevitable.In a second part, we discuss the practical possibility of designing a differential attack based on weaknesses of S-boxes related to their c-differential uniformity.

show abstract

Section: A a General Differential Attackmentioning

confidence: 99%

Differential biases, $c$-differential uniformity, and their relation to differential attacks

Bartoli¹,

Kölsch²,

Micheli³

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…This is also the case for T g . In [CS17,BCS19] the authors designed a toy cipher whose set of encryption functions is contained in a conjugate AGL(V ) g for some g ∈ Sym(V ). In other words, the encryption functions are affine with respect to the new operation, different from the classical bitwise XOR, defined as above from T g .…”

Section: Introductionmentioning

confidence: 99%

Regular subgroups with large intersection

Aragona

Civino

Gavioli

et al. 2019

Annali di Matematica

View full text Add to dashboard Cite

show abstract

“…As we will discuss later, the mentioned problem is of general interest in cryptography, and results in this direction will produce examples of XOR-based trapdoor ciphers for which a non-XOR distinguisher may exist. Unfortunately, only partial solutions to this problem are known [14,17,18]. Keeping our focus in this direction, after performing some computational experiments, we are able to design a toy cipher similar to the one in Civino et al [14], with 4 parallel s-boxes of 4 bits each 4 together with an alternative parallel operation • that can be used to attack it.…”

Section: Introductionmentioning

confidence: 99%

Differential attacks: using alternative operations

Civino

Blondeau

Sala

2018

Des. Codes Cryptogr.

View full text Add to dashboard Cite

The use of alternative operations in differential cryptanalysis, or alternative notions of differentials, are lately receiving increasing attention. Recently, Civino et al. managed to design a block cipher which is secure w.r.t. classical differential cryptanalysis performed using XOR-differentials, but weaker with respect to the attack based on an alternative difference operation acting on the first s-box of the block. We extend this result to parallel alternative operations, i.e. acting on each s-box of the block. First, we recall the mathematical framework needed to define and use such operations. After that, we perform some differential experiments against a toy cipher and compare the effectiveness of the attack w.r.t. the one that uses XOR-differentials.

show abstract

On hidden sums compatible with a given block cipher diffusion layer

Cited by 11 publications

References 10 publications

Differential biases, $c$-differential uniformity, and their relation to differential attacks

Differential biases, $c$-differential uniformity, and their relation to differential attacks

Regular subgroups with large intersection

Differential attacks: using alternative operations

Contact Info

Product

Resources

About