On the Decorrelated Fast Cipher (DFC) and Its Theory

  • Lars R. Knudsen
  • Vincent Rijmen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1636)


In the first part of this paper the decorrelation theory of Vaudenay is analysed. It is shown that the theory behind the proposed constructions does not guarantee security against state-of-the-art differential attacks. In the second part of this paper the proposed Decorrelated Fast Cipher (DFC), a candidate for the Advanced Encryption Standard, is analysed. It is argued that the cipher does not obtain provable security against a differential attack. Also, an attack on DFC reduced to 6 rounds is given.


Keywords: Block Cipher; Advanced Encryption Standard; Modular Multiplication; Round Function; Fourth Round
These keywords were added by machine and not by the authors.



Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Lars R. Knudsen (1)
  • Vincent Rijmen (1)
  1. Department of Informatics, University of Bergen, Bergen
