Degree of Composition of Highly Nonlinear Functions and Applications to Higher Order Differential Cryptanalysis

  • Anne Canteaut
  • Marion Videau
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2332)

Abstract

To improve the security of iterated block ciphers, the resistance against linear cryptanalysis has been formulated in terms of provable security which suggests the use of highly nonlinear functions as round functions. Here, we show that some properties of such functions enable to find a new upper bound for the degree of the product of its Boolean components. Such an improvement holds when all values occurring in the Walsh spectrum of the round function are divisible by a high power of 2. This result leads to a higher order differential attack on any 5-round Feistel ciphers using an almost bent substitution function. We also show that the use of such a function is precisely the origin of the weakness of a reduced version of MISTY1 reported in [23, 1].

Keywords

Block ciphers higher order differential cryptanalysis Boolean functions nonlinearity 

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Anne Canteaut
    • 1
  • Marion Videau
    • 1
  1. 1.INRIA — projet CODESLe Chesnay CedexFrance

Personalised recommendations