Provable Security of SP Networks with Partial Non-Linear Layers
نویسندگان
چکیده
منابع مشابه
Cryptanalysis of SP Networks with Partial Non-Linear Layers
Design of SP networks in which the non-linear layer is applied to only a part of the state in each round was suggested by Gérard et al. at CHES 2013. Besides performance advantage on certain platforms, such a design allows for more efficient masking techniques that can mitigate side-channel attacks with a small performance overhead. In this paper we present generic techniques for differential a...
متن کاملProvable Security of Networks
We propose a security hypothesis that a network is secure, if any deliberate attacks of a small number of nodes will never generate a global failure of the network, and a robustness hypothesis that a network is robust, if a small number of random errors will never generate a global failure of the network. Based on these hypotheses, we propose a definition of security and a definition of robustn...
متن کامل"Provable" Security against Differential and Linear Cryptanalysis
In this invited talk, a brief survey on the developments of countermeasures against differential and linear cryptanalysis methods is presented. 1 Nonlinearity of S-boxes Throughout the eighties the unpublished design criteria of the DES had inspired various authors to invent formal nonlinearity criteria for S-boxes such as the strict avalanche criterion [30] and the propagation criterion [27]. ...
متن کاملProvable Security of Substitution-Permutation Networks
Many modern block ciphers are constructed based on the paradigm of substitution-permutation networks (SPNs). But, somewhat surprisingly—especially in comparison with Feistel networks, which have been analyzed by dozens of papers going back to the seminal work of Luby and Rackoff—there are essentially no provable-security results about SPNs. In this work, we initiate a comprehensive study of the...
متن کاملProvable Security of BLAKE with Non-ideal Compression Function
We analyze the security of the SHA-3 finalist BLAKE. The BLAKE hash function follows the HAIFA design methodology, and as such it achieves optimal preimage, second preimage and collision resistance, and is indifferentiable from a random oracle up to approximately 2 assuming the underlying compression function is ideal. In our work we show, however, that the compression function employed by BLAK...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IACR Transactions on Symmetric Cryptology
سال: 2021
ISSN: 2519-173X
DOI: 10.46586/tosc.v2021.i2.353-388