Security on Generalized Feistel Scheme with SP Round Function
Authors
Abstract
This paper studies the security against differential/linear cryptanalysis and the pseudorandomness of a class of generalized Feistel schemes with SP round function, called GFSP. We consider the minimum number of active s-boxes in some consecutive rounds of GFSP, i.e., in four, eight and sixteen consecutive rounds, which provides the upper bound of the maximum differential/linear probabilities of the 16-round GFSP scheme, in order to evaluate the strength against differential/linear cryptanalysis. Furthermore, we investigate the pseudorandomness of GFSP, point out that 7-round GFSP is not pseudorandom for non-adaptive adversaries by using some distinguishers, and prove that 8-round GFSP is pseudorandom for any adversary.
Similar resources
Double-SP Is Weaker Than Single-SP: Rebound Attacks on Feistel Ciphers with Several Rounds
1 Research Summary
Comparing the security of single-SP and double-SP round functions on the generalized Feistel.
– Assumption: an infinite number of rounds
– Results: double-SP causes more active S-boxes than single-SP, and thus double-SP is more secure.
– Motivation: a number of rounds is small in practice.
– Results: For 6 or 7 rounds, the rebound attack works more for double-SP than single-SP.
On Generalized Feistel Networks
We prove beyond-birthday-bound security for most of the well-known types of generalized Feistel networks: (1) unbalanced Feistel networks, where the n-bit to m-bit round functions may have n ≠ m; (2) alternating Feistel networks, where the round functions alternate between contracting and expanding; (3) type-1, type-2, and type-3 Feistel networks, where n-bit to n-bit round functions are used t...
On the Security of Extended Generalized Feistel Networks
In this paper, we analyze the security claims of Extended Generalized Feistel Networks (EGFNs) schemes proposed by Berger et al [1]. We provide impossible differentials for 10 rounds of EGFNs with 16 branches which add up one round to the claim of 9 rounds in the impossible differential trail. Therefore, impossible differential trail covers 10 rounds for the EGFNs scheme, which is the best resu...
The Pseudorandomness of Many-Round Lai-Massey Scheme
In this paper we prove beyond-birthday-bound for the (strong) pseudorandomness of many-round Lai-Massey scheme. Motivated by Hoang and Rogaway’s analysis of generalized Feistel networks, we use the coupling technology from Markov chain theory and prove that for any > 0, with enough rounds, the Lai-Massey scheme is indistinguishable from a uniform random permutation by any computationally unbo...
Distinguishing Attacks on a Kind of Generalized Unbalanced Feistel Network
Recently, a new kind of Generalized Unbalanced Feistel Network, denoted as GUFN-n, is proposed by Choy et al. at ACISP 2009. The advantages of this structure are that it allows parallel computations for encryption and it can provide provable security against traditional differential and linear cryptanalysis given that the round function is bijective. For this new structure, the designers also f...
Journal title:
- IACR Cryptology ePrint Archive
Volume 2004 Issue
Pages -
Publication date 2004