### Abstract

In the SPN (Substitution-Permutation Network) structure, it is very important to design a diffusion layer to construct a secure block cipher against differential cryptanalysis and linear cryptanalysis. The purpose of this work is to prove that the SPN structure with a maximal diffusion layer provides a provable security against differential cryptanalysis and linear cryptanalysis in the sense that the probability of each differential (respectively linear hull) is bounded by p^{n} (respectively q^{n}), where p (respectively q) is the maximum differential (respectively liner hull) probability of n S-boxes used in the substitution layer.We will also give a provable security for the SPN structure with a semi-maximal diffusion layer against differential cryptanalysis and linear cryptanalysis.

Original language | English |
---|---|

Title of host publication | Fast Software Encryption - 7th International Workshop, FSE 2000, Proceedings |

Publisher | Springer Verlag |

Pages | 273-283 |

Number of pages | 11 |

Volume | 1978 |

ISBN (Print) | 9783540447061 |

Publication status | Published - 2001 |

Event | 7th International Workshop on Fast Software Encryption, FSE 2000 - New York, United States Duration: 2000 Apr 10 → 2000 Apr 12 |

### Publication series

Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|

Volume | 1978 |

ISSN (Print) | 03029743 |

ISSN (Electronic) | 16113349 |

### Other

Other | 7th International Workshop on Fast Software Encryption, FSE 2000 |
---|---|

Country | United States |

City | New York |

Period | 00/4/10 → 00/4/12 |

### Fingerprint

### ASJC Scopus subject areas

- Computer Science(all)
- Theoretical Computer Science

### Cite this

*Fast Software Encryption - 7th International Workshop, FSE 2000, Proceedings*(Vol. 1978, pp. 273-283). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 1978). Springer Verlag.

**Provable security against differential and linear cryptanalysis for the SPN structure.** / Hong, Seokhie; Lee, Sangjin; Lim, Jong In; Sung, Jaechul; Cheon, Donghyeon; Cho, Inho.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

*Fast Software Encryption - 7th International Workshop, FSE 2000, Proceedings.*vol. 1978, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 1978, Springer Verlag, pp. 273-283, 7th International Workshop on Fast Software Encryption, FSE 2000, New York, United States, 00/4/10.

}

TY - GEN

T1 - Provable security against differential and linear cryptanalysis for the SPN structure

AU - Hong, Seokhie

AU - Lee, Sangjin

AU - Lim, Jong In

AU - Sung, Jaechul

AU - Cheon, Donghyeon

AU - Cho, Inho

PY - 2001

Y1 - 2001

N2 - In the SPN (Substitution-Permutation Network) structure, it is very important to design a diffusion layer to construct a secure block cipher against differential cryptanalysis and linear cryptanalysis. The purpose of this work is to prove that the SPN structure with a maximal diffusion layer provides a provable security against differential cryptanalysis and linear cryptanalysis in the sense that the probability of each differential (respectively linear hull) is bounded by pn (respectively qn), where p (respectively q) is the maximum differential (respectively liner hull) probability of n S-boxes used in the substitution layer.We will also give a provable security for the SPN structure with a semi-maximal diffusion layer against differential cryptanalysis and linear cryptanalysis.

AB - In the SPN (Substitution-Permutation Network) structure, it is very important to design a diffusion layer to construct a secure block cipher against differential cryptanalysis and linear cryptanalysis. The purpose of this work is to prove that the SPN structure with a maximal diffusion layer provides a provable security against differential cryptanalysis and linear cryptanalysis in the sense that the probability of each differential (respectively linear hull) is bounded by pn (respectively qn), where p (respectively q) is the maximum differential (respectively liner hull) probability of n S-boxes used in the substitution layer.We will also give a provable security for the SPN structure with a semi-maximal diffusion layer against differential cryptanalysis and linear cryptanalysis.

UR - http://www.scopus.com/inward/record.url?scp=84974712857&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84974712857&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84974712857

SN - 9783540447061

VL - 1978

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 273

EP - 283

BT - Fast Software Encryption - 7th International Workshop, FSE 2000, Proceedings

PB - Springer Verlag

ER -