in this paper, we show how to obtain suitable differential charactristics for block ciphers with neural networks. we represent the operations of a block cipher, regarding their differential characteristics, through a directed weighted graph. in this way, the problem of finding the best differential characteristic for a block cipher reduces to the problem of finding the minimum-weight multi-path...

We present a new algorithm that evaluates provable security against differential and linear cryptanalysis for Feistel ciphers with invertible substitution-diffusion (SD)-based round functions. This algorithm computes an upper bound on the maximum expected differential or linear probability (MEDP or MELP) based on the number of rounds. We then apply our algorithm to Camellia (minus FL/FL). Previ...

Hamsi is one of 14 remaining candidates in NIST’s Hash Competition for the future hash standard SHA-3. Until now, little analysis has been published on its resistance to differential cryptanalysis, the main technique used to attack hash functions. We present a study of Hamsi’s resistance to differential and higher-order differential cryptanalysis, with focus on the 256-bit version of Hamsi. Our...

This paper studies the security against differential/linear cryptanalysis and the pseudorandomness for a class of generalized Feistel scheme with SP round function called GFSP . We consider the minimum number of active s-boxes in some consecutive rounds of GFSP ,i.e., in four, eight and sixteen consecutive rounds, which provide the upper bound of the maximum differential/linear probabilities of...

Algebraic cryptanalysis is as a general framework that permits to assess the security of a wide range of cryptographic schemes. However, the feasibility of algebraic cryptanalysis against block ciphers remains the source of speculation and especially in targeting modern block ciphers. The main problem is that the size of the corresponding algebraic system is so huge (thousand of variables and e...

Differential Cryptanalysis is currently the most powerful tool available for analysing block ciphers, and new block ciphers need to be designed to resist it. It has been suggested that the use of S-boxes based on bent functions, with a fiat XOR profile, would be immune. However our studies of differential cryptanalysis, particularly applied to the LOKI cipher, have shown that this is not the ca...

This paper is motivated by some results presented by Knudsen, Robshaw and Wagner at Crypto’99 [3], that described many attacks of reduced versions of Skipjack, some of them being erroneous. Differential cryptanalysis is based on distinguishers, any attack should prove that the events that triggers the analysis has not the same probability for the cipher than for a random function. In particular...

LBlock is a 64-bit lightweight block cipher which can be implemented in both constrained hardware environments, such as wireless sensor network, and software platforms. In this paper, we study the security of LBlock against a differential fault analysis. Based on a random nibble fault model, we propose two versions of the attack on LBlock. In the first attack, we inject random nibble faults to ...

LBlock is a lightweight block cipher proposed in ACNS 2011. It has 64-bit block size and 80-bit key size which is the typical parameter setting accpeted by most of the recent proposed lightweight block ciphers. It has fast hardware implementation efficiency and it still remains rather secure considering the recent results and the security margin it provides. In this paper, we investigate the di...