On Feistel Structures Using a Diffusion Switching Mechanism

  • Taizo Shirai
  • Kyoji Shibutani
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4047)

Abstract

We study a recently proposed design approach of Feistel structure which employs diffusion matrices in a switching way. At ASIACRYPT 2004, Shirai and Preneel have proved that large numbers of S-boxes are guaranteed to be active if a diffusion matrix used in a round function is selected among multiple matrices. However the optimality of matrices required by the proofs sometimes pose restriction to find matrices suitable for actual blockciphers. In this paper, we extend their theory by replacing the condition of optimal mappings with general-type mappings, consequently the restriction is eliminated. Moreover, by combining known lower bounds for usual Feistel structure, we establish a method to estimate the guaranteed number of active S-boxes for arbitrary round numbers. We also demonstrate how the generalization enables us to mount wide variety of diffusion mappings by showing concrete examples.

Keywords

blockcipher Feistel structure optimal diffusion mappings 

References

  1. 1.
    Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Camellia: A 128-bit block cipher suitable for multiple platforms. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 41–54. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Barreto, P.S.L.M., Rijmen, V.: The Whirlpool hashing function. Primitive submitted to NESSIE (September 2000), Available at, http://www.cryptonessie.org/
  3. 3.
    Biham, E., Shamir, A.: Differential cryptanalysis of des-like cryptosystems. Journal of Cryptology 4, 3–72 (1991)MATHCrossRefMathSciNetGoogle Scholar
  4. 4.
    Daemen, J., Rijmen, V.: Statistics of correlation and differentials in block ciphers. In: IACR ePrint archive 2005/212 (2005)Google Scholar
  5. 5.
    Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard (Information Security and Cryptography). Springer, Heidelberg (2002)Google Scholar
  6. 6.
    Feistel, H.: Cryptography and computer privacy. Scientific American 228, 15–23 (1973)CrossRefGoogle Scholar
  7. 7.
    Data Encryption Standard, Federal Information Processing Standard (FIPS). National Bureau of Standards, U.S. Department of Commerce, Washington D.C. (January 1977)Google Scholar
  8. 8.
    International Organization for Standardization, ISO/IEC 10118-3: Information Technology - Security Techniques - Hash-functions - Part 3: Dedicated hashfunctions (2003)Google Scholar
  9. 9.
    Kanda, M.: Practical security evaluation against differential and linear cryptanalyses for Feistel ciphers with SPN round function. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 324–338. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    Luby, M., Rackoff, C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM Journal on Computing 17, 373–386 (1988)MATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Matsui, M.: Linear cryptanalysis of the data encryption standard. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)Google Scholar
  12. 12.
    Matsui, M.: New structure of block ciphers with provable security against differential and linear cryptanalysis. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 205–218. Springer, Heidelberg (1996)Google Scholar
  13. 13.
    Nyberg, K., Knudsen, L.R.: Provable security against a differential cryptanalysis. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 566–574. Springer, Heidelberg (1993)Google Scholar
  14. 14.
    Rijmen, V., Daemen, J., Preneel, B., Bossalaers, A., Win, E.D.: The cipher SHARK. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 99–111. Springer, Heidelberg (1996)Google Scholar
  15. 15.
    Rivest, R.L., Robshaw, M.J.B., Sidney, R., Yin, Y.L.: The RC6 block cipher. Primitive submitted to AES (1998), Available at, http://www.rsasecurity.com/
  16. 16.
    Schneier, B., Kelsey, J.: Unbalanced Feistel networks and block cipher design. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 121–144. Springer, Heidelberg (1996)Google Scholar
  17. 17.
    Schneier, B., Kelsey, J., Whiting, D., Wagner, D., Hall, C., Ferguson, N.: Twofish: A 128-bit block cipher. Primitive submitted to AES (1998), Available at, http://www.schneier.com/
  18. 18.
    Shirai, T., Kanamaru, S., Abe, G.: Improved upper bounds of differential and linear characteristic probability for Camellia. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 128–142. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  19. 19.
    Shirai, T., Preneel, B.: On feistel ciphers using optimal diffusion mappings across multiple rounds. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 1–15. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  20. 20.
    Shirai, T., Shibutani, K.: On the diffusion matrix employed in the Whirlpool hashing function. NESSIE Public reports (2003), Available at, http://www.cryptonessie.org/Google Scholar
  21. 21.
    Shirai, T., Shibutani, K.: Improving immunity of Feistel ciphers against differential cryptanalysis by using multiple MDS matrices. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 260–278. Springer, Heidelberg (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Taizo Shirai
    • 1
  • Kyoji Shibutani
    • 1
  1. 1.Sony CorporationTokyoJapan

Personalised recommendations