
Journal of Cryptology, Volume 8, Issue 1, pp. 27–37

Provable security against a differential attack

  • Kaisa Nyberg
  • Lars Ramkilde Knudsen
Article

Abstract

The purpose of this paper is to show that DES-like iterated ciphers that are provably resistant against differential attacks exist. The main result on the security of a DES-like cipher with independent round keys is Theorem 1, which gives an upper bound to the probability of s-round differentials, as defined in [4], and this upper bound depends only on the round function of the iterated cipher. Moreover, it is shown that functions exist such that the probabilities of differentials are less than or equal to 2^(3−n), where n is the length of the plaintext block. We also show a prototype of an iterated block cipher, which is compatible with DES and has proven security against differential attack.
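As an added illustration (not code from the paper), the following Python computes the difference distribution table of the cubing map x ↦ x^3 over GF(2^m) for odd m, an almost perfect nonlinear permutation of the kind the keywords refer to, and shows how its maximum differential probability p_max = 2^(1−m) gives 2·p_max^2 = 2^(3−n) for a Feistel cipher with block length n = 2m. It assumes the form 2·p_max^2 of the Theorem 1 bound for four or more rounds, which the abstract describes but does not quote, and the irreducible polynomials listed are chosen for this example.

```python
from fractions import Fraction

# Irreducible polynomials defining GF(2^m) for small odd m, as bit masks
# (chosen for this example; any irreducible polynomial of degree m works).
MODULI = {3: 0b1011, 5: 0b100101, 7: 0b10001001}


def gf_mul(a, b, m):
    """Multiply a and b in GF(2^m): carry-less multiply, reduce mod MODULI[m]."""
    mod = MODULI[m]
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> m:          # degree reached m: reduce by the modulus
            a ^= mod
    return r


def cube(x, m):
    """The round-function candidate x -> x^3 over GF(2^m)."""
    return gf_mul(gf_mul(x, x, m), x, m)


def is_permutation(f, m):
    """True if f is a bijection on the 2^m field elements."""
    size = 1 << m
    return len({f(x) for x in range(size)}) == size


def ddt_max(f, m):
    """Largest difference-distribution-table entry over nonzero input differences.

    For each input difference a != 0 count, per output difference b, the number
    of x with f(x) ^ f(x ^ a) == b; the function is APN exactly when this is 2.
    """
    size = 1 << m
    table = [f(x) for x in range(size)]
    best = 0
    for a in range(1, size):
        counts = {}
        for x in range(size):
            b = table[x] ^ table[x ^ a]
            counts[b] = counts.get(b, 0) + 1
        best = max(best, max(counts.values()))
    return best


def differential_bound(m):
    """Return (p_max, 2*p_max^2): the round-function differential probability and
    the assumed Theorem 1 bound for >= 4 rounds with block length n = 2m."""
    p_max = Fraction(ddt_max(lambda x: cube(x, m), m), 1 << m)
    return p_max, 2 * p_max * p_max
```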

Key words

DES-like ciphers; Differential cryptanalysis; Almost perfect nonlinear permutations; Markov ciphers


References

  1. E. Biham and A. Shamir. Differential cryptanalysis of DES-like cryptosystems. Journal of Cryptology, Vol. 4, No. 1, 1991, pp. 3–72.
  2. E. Biham and A. Shamir. Differential Cryptanalysis of the Full 16-Round DES. Technical Report No. 708, Technion—Israel Institute of Technology.
  3. P. Camion, C. Carlet, P. Charpin, and N. Sendrier. On correlation-immune functions. Advances in Cryptology—Crypto '91. Lecture Notes in Computer Science, Vol. 576. Springer-Verlag, Berlin, 1992, pp. 86–100.
  4. X. Lai, J. L. Massey, and S. Murphy. Markov ciphers and differential cryptanalysis. Advances in Cryptology—Eurocrypt '91. Lecture Notes in Computer Science, Vol. 547. Springer-Verlag, Berlin, 1992, pp. 17–38.
  5. R. Lidl and H. Niederreiter. Finite Fields. Encyclopedia of Mathematics and Its Applications, Vol. 20. Addison-Wesley, Reading, Massachusetts, 1983.
  6. W. Meier and O. Staffelbach. Nonlinearity criteria for cryptographic functions. Advances in Cryptology—Eurocrypt '89. Lecture Notes in Computer Science, Vol. 434. Springer-Verlag, Berlin, 1990, pp. 549–562.
  7. K. Nyberg. Perfect nonlinear S-boxes. Advances in Cryptology—Eurocrypt '91. Lecture Notes in Computer Science, Vol. 547. Springer-Verlag, Berlin, 1991, pp. 378–386.
  8. K. Nyberg. On the construction of highly nonlinear permutations. Advances in Cryptology—Eurocrypt '92. Lecture Notes in Computer Science, Vol. 658. Springer-Verlag, Berlin, 1993, pp. 92–98.
  9. K. Nyberg. Differentially uniform mappings for cryptography. Advances in Cryptology—Eurocrypt '93. Lecture Notes in Computer Science, Vol. 765. Springer-Verlag, Berlin, 1994, pp. 55–64.

Copyright information

© International Association for Cryptologic Research 1995

Authors and Affiliations

  • Kaisa Nyberg (1)
  • Lars Ramkilde Knudsen (1)

  1. Aarhus University, Aarhus C, Denmark
