Impossible differential cryptanalysis for block cipher structures

Jongsung Kim, Seokhie Hong, Jaechul Sung, Sangjin Lee, Jong In Lim, Soohak Sung

Research output: Contribution to journalArticle

69 Citations (Scopus)

Abstract

Impossible Differential Cryptanalysis(IDC) [4] uses impossible differential characteristics to retrieve a subkey material for the first or the last several rounds of block ciphers. Thus, the security of a block cipher against IDC can be evaluated by impossible differential characteristics. In this paper, we study impossible differential characteristics of block cipher structures whose round functions are bijective. We introduce a widely applicable method to find various impossible differential characteristics of block cipher structures. Using this method, we find various impossible differential characteristics of known block cipher structures: Nyberg's generalized Feistel network, a generalized CAST256-like structure [14], a generalized MARS-like structure [14], a generalized RC6-like structure [14], and Rijndael structure.

Original languageEnglish
Pages (from-to)82-96
Number of pages15
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2904
Publication statusPublished - 2003 Dec 1

Fingerprint

Differential Cryptanalysis
Block Cipher
Rijndael
Block Ciphers
Bijective

Keywords

  • Block cipher structures
  • Impossible differential characteristic
  • Impossible Differential Cryptanalysis(IDC)

ASJC Scopus subject areas

  • Computer Science(all)
  • Biochemistry, Genetics and Molecular Biology(all)
  • Theoretical Computer Science
  • Engineering(all)

Cite this

@article{d6cb55fcfef14169a040a8775fa482d5,
title = "Impossible differential cryptanalysis for block cipher structures",
abstract = "Impossible Differential Cryptanalysis(IDC) [4] uses impossible differential characteristics to retrieve a subkey material for the first or the last several rounds of block ciphers. Thus, the security of a block cipher against IDC can be evaluated by impossible differential characteristics. In this paper, we study impossible differential characteristics of block cipher structures whose round functions are bijective. We introduce a widely applicable method to find various impossible differential characteristics of block cipher structures. Using this method, we find various impossible differential characteristics of known block cipher structures: Nyberg's generalized Feistel network, a generalized CAST256-like structure [14], a generalized MARS-like structure [14], a generalized RC6-like structure [14], and Rijndael structure.",
keywords = "Block cipher structures, Impossible differential characteristic, Impossible Differential Cryptanalysis(IDC)",
author = "Jongsung Kim and Seokhie Hong and Jaechul Sung and Sangjin Lee and Lim, {Jong In} and Soohak Sung",
year = "2003",
month = "12",
day = "1",
language = "English",
volume = "2904",
pages = "82--96",
journal = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
issn = "0302-9743",
publisher = "Springer Verlag",

}

TY - JOUR

T1 - Impossible differential cryptanalysis for block cipher structures

AU - Kim, Jongsung

AU - Hong, Seokhie

AU - Sung, Jaechul

AU - Lee, Sangjin

AU - Lim, Jong In

AU - Sung, Soohak

PY - 2003/12/1

Y1 - 2003/12/1

N2 - Impossible Differential Cryptanalysis(IDC) [4] uses impossible differential characteristics to retrieve a subkey material for the first or the last several rounds of block ciphers. Thus, the security of a block cipher against IDC can be evaluated by impossible differential characteristics. In this paper, we study impossible differential characteristics of block cipher structures whose round functions are bijective. We introduce a widely applicable method to find various impossible differential characteristics of block cipher structures. Using this method, we find various impossible differential characteristics of known block cipher structures: Nyberg's generalized Feistel network, a generalized CAST256-like structure [14], a generalized MARS-like structure [14], a generalized RC6-like structure [14], and Rijndael structure.

AB - Impossible Differential Cryptanalysis(IDC) [4] uses impossible differential characteristics to retrieve a subkey material for the first or the last several rounds of block ciphers. Thus, the security of a block cipher against IDC can be evaluated by impossible differential characteristics. In this paper, we study impossible differential characteristics of block cipher structures whose round functions are bijective. We introduce a widely applicable method to find various impossible differential characteristics of block cipher structures. Using this method, we find various impossible differential characteristics of known block cipher structures: Nyberg's generalized Feistel network, a generalized CAST256-like structure [14], a generalized MARS-like structure [14], a generalized RC6-like structure [14], and Rijndael structure.

KW - Block cipher structures

KW - Impossible differential characteristic

KW - Impossible Differential Cryptanalysis(IDC)

UR - http://www.scopus.com/inward/record.url?scp=0346895385&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0346895385&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:0346895385

VL - 2904

SP - 82

EP - 96

JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SN - 0302-9743

ER -