2015
DOI: 10.1007/978-3-662-46800-5_12
|View full text |Cite
|
Sign up to set email alerts
|

Structural Evaluation by Generalized Integral Property

Abstract: In this paper, we show structural cryptanalyses against two popular networks, i.e., the Feistel Network and the Substitute-Permutation Network (SPN). Our cryptanalyses are distinguishing attacks by an improved integral distinguisher. The integral distinguisher is one of the most powerful attacks against block ciphers, and it is usually constructed by evaluating the propagation characteristic of integral properties, e.g., the ALL or BALANCE property. However, the integral property does not derive useful disting… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

1
240
0
1

Year Published

2015
2015
2023
2023

Publication Types

Select...
6
1
1

Relationship

1
7

Authors

Journals

citations
Cited by 243 publications
(242 citation statements)
references
References 24 publications
1
240
0
1
Order By: Relevance
“…When the round functions are bijective, such patterns always exist in Feistel Networks with up to at least 5 round. We also show that these distinguishers can be interpreted as particular integral distinguishers and describe some relations between our results and Todo's division property [9]. Due to their integral nature, our distinguishers are extremely memory efficient: we only need to store a block containing the sum studied.…”
Section: Introductionmentioning
confidence: 67%
See 1 more Smart Citation
“…When the round functions are bijective, such patterns always exist in Feistel Networks with up to at least 5 round. We also show that these distinguishers can be interpreted as particular integral distinguishers and describe some relations between our results and Todo's division property [9]. Due to their integral nature, our distinguishers are extremely memory efficient: we only need to store a block containing the sum studied.…”
Section: Introductionmentioning
confidence: 67%
“…This tool for finding integral attacks was introduced by Todo in [9] and later used by the same author to attack the full MISTY1 [21]. In his seminal paper, Todo gives some integral distinguishers against Feistel Network for various block sizes, number of rounds, degree of the Feistel functions for both bijective and non-bijective Feistel functions.…”
Section: Integral Attacksmentioning
confidence: 99%
“…As the linear layers we consider may be weaker than usual designing spn, it is also crucial that we ensure that ciphers built using such a linear layer are not vulnerable to integral attacks [18], in particular those based on the division property [19]. Incidentally, this gives us a criteria quantifying the diffusion provided by several steps of the cipher.…”
Section: Choosing the Linear Layer: Bounding The Medcp And Melcc Whilmentioning
confidence: 99%
“…This attack strategy has been further improved by Todo [19] who proposed the so-called division property as a means to track which bit should be fixed in the input to have a balanced output. He also described an algorithm allowing an attacker to easily find such distinguishers.…”
Section: Ensuring Resilience Against Integral Attacksmentioning
confidence: 99%
“…In [39], by using the division property, the author proposed a 6-round integral distinguisher of Camellia without F L/F L −1 layers as the best known integral distinguisher which could be built without knowing the details of the S-box. Based on the 8-round zero correlation linear hull presented in Example 1, the integral distinguisher which is independent with the choices of S-box could be improved from 6-round to 8-round:…”
Section: -Round Integral Distinguisher Of Camellia Without F L/f L −mentioning
confidence: 99%