Markov Ciphers and Alternating Groups
This paper presents some relations between differential cryptanalysis and group theory. The main result is the following: if the one-round functions of an r-round iterated cipher generate the alternating or the symmetric group, then for all corresponding Markov ciphers the chains of differences are irreducible and aperiodic.
As an application, it is shown that if the hypothesis of stochastic equivalence holds for any of these corresponding Markov ciphers, then DES and IDEA(32) are secure against a differential cryptanalysis attack after sufficiently many rounds for these Markov ciphers.
The section about IDEA(32) includes the result that the one-round functions of this algorithm generate the alternating group.
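An added illustration of the main result on a toy 3-bit cipher, not code from the paper: the round functions x -> S(x XOR k) with a uniformly random subkey k form a Markov cipher for XOR differences, and the script compares the group they generate with the behaviour of the chain of differences. The block size, both S-boxes and all function names are assumptions constructed for this example.

```python
N = 8  # toy block space: 3-bit blocks (assumption made for this example)

# Constructed S-boxes (not from the paper): a 5-cycle and the identity.
FIVE_CYCLE = (1, 2, 3, 4, 0, 5, 6, 7)
IDENTITY = tuple(range(N))

def round_functions(sbox):
    """One-round functions x -> S(x XOR k), one permutation per subkey k."""
    return [tuple(sbox[x ^ k] for x in range(N)) for k in range(N)]

def generated_group_order(gens):
    """Order of the group generated by gens. In a finite group, closing the
    identity under composition with the generators reaches every element."""
    identity = tuple(range(N))
    seen, frontier = {identity}, [identity]
    while frontier:
        nxt = []
        for p in frontier:
            for g in gens:
                q = tuple(g[p[x]] for x in range(N))  # apply p, then g
                if q not in seen:
                    seen.add(q)
                    nxt.append(q)
        frontier = nxt
    return len(seen)

def difference_support(sbox):
    """adj[a][b] is True when the XOR difference a != 0 can become b in one
    round, i.e. the one-round transition probability a -> b is nonzero."""
    adj = [[False] * N for _ in range(N)]
    for a in range(1, N):
        for x in range(N):
            adj[a][sbox[x] ^ sbox[x ^ a]] = True
    return adj

def irreducible_and_aperiodic(adj):
    """A chain on n states is irreducible and aperiodic exactly when the
    ((n-1)^2 + 1)-th boolean power of its support is all True (Wielandt)."""
    states = range(1, N)  # the n = N - 1 nonzero differences
    power = [row[:] for row in adj]
    for _ in range((N - 2) ** 2):
        power = [[any(power[a][c] and adj[c][b] for c in states)
                  for b in range(N)] for a in range(N)]
    return all(power[a][b] for a in states for b in states)

if __name__ == "__main__":
    for name, sbox in (("5-cycle", FIVE_CYCLE), ("identity", IDENTITY)):
        order = generated_group_order(round_functions(sbox))
        ok = irreducible_and_aperiodic(difference_support(sbox))
        print(f"{name}: group order {order}, irreducible and aperiodic: {ok}")
```

With the 5-cycle S-box the round functions generate the alternating group on 8 points (order 20160) and the chain of differences passes the check. With the identity S-box they generate only the 8 XOR translations and every difference stays fixed, so the chain is reducible.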