Security Analysis of the GF-NLFSR Structure and Four-Cell Block Cipher

  • Wenling Wu
  • Lei Zhang
  • Liting Zhang
  • Wentao Zhang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5927)


The overall structure is one of the most important properties of block ciphers. At present, the most common structures include Feistel structure, SP structure, MISTY structure, L-M structure and Generalized Feistel structure. In [12], Choy et al. proposed a new structure called GF-NLFSR (Generalized Feistel-NonLinear Feedback Shift Register), and designed a new block cipher called Four-Cell which is based on the 4-cell GF-NLFSR. In this paper, we first study properties of the n-cell GF-NLFSR structure, and prove that for an n-cell GF-NLFSR, there exists an (n 2 + n − 2) rounds impossible differential. Then we present an impossible differential attack on the full 25-round Four-Cell using this kind of 18-round impossible differential distinguisher together with differential cryptanalysis technique. The data complexity of our attack is 2111.5 and the time complexity is less than 2123.5 encryptions. In addition, we expect the attack to be more efficient when the relations between different round subkeys can be exploited by taking the key schedule algorithm into consideration.


GF-NLFSR structure Four-Cell block cipher Impossible differential cryptanalysis Data complexity Time complexity 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Nyberg, K., Kundsen, L.: Provable Security against Differential Cryptanalysis. Journal of Cryptology 1(8), 156–168 (1995)Google Scholar
  2. 2.
    Knudsen, L.: Practically secure Feistel ciphers. In: Anderson, R. (ed.) FSE 1993. LNCS, vol. 809, pp. 211–221. Springer, Heidelberg (1994)Google Scholar
  3. 3.
    Kanda, M.: Practical security evaluation against differential and linear cryptanalyses for feistel ciphers with SPN round function. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, p. 324. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Luby, M., Rackoff, C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM Journal on Computing 17(2), 373–386 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Lucks, S.: Faster Luby-Rackoff ciphers. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 189–203. Springer, Heidelberg (1996)Google Scholar
  6. 6.
    Patel, S., Ramzan, Z., Sundaram, G.: Towards making Luby-Rackoff ciphers optimal and practical. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, pp. 171–185. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  7. 7.
    Naor, M., Reingold, O.: On the construction of pseudorandom permutations Luby-Rackoff revisited. Journal of Cryptology 12(1), 9–66 (1999)MathSciNetGoogle Scholar
  8. 8.
    Maurer, U., Pietrzak, K.: The security of Many-Round Luby-Rackoff Pseudorandom Permutation. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 544–561. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Patarin, J.: Security of Random Feistel schemes with 5 or more rounds. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 106–122. Springer, Heidelberg (2004)Google Scholar
  10. 10.
    Wenling, W.: Pseudorandomness of Camellia-like scheme. Journal of Computer Science and Technology 12(1), 1–10 (2006)Google Scholar
  11. 11.
    Matsui, M.: New Structure of Block Ciphers with Provable Security against Differential and Linear Cryptanalysis. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 205–217. Springer, Heidelberg (1996)Google Scholar
  12. 12.
    Matsui, M.: New Block Encryption Algorithm MISTY. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 54–68. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  13. 13.
    ETSI, Universal Mobile Telecommunications System (UMTS), Specification of the 3GPP confidentiality and integrity algorithms, Document 2: Kasumi specification (2007),
  14. 14.
    Iwata, T., Yoshino, T., Yuasa, T., Kurosawa, K.: Round security and super- pseudorandomness of MISTY type structure. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 233–247. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  15. 15.
    Piret, G., Quisquater, J.-J.: Security of the MISTY Structure in the Luby-Rackoff Model: Improved Results. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 100–115. Springer, Heidelberg (2004)Google Scholar
  16. 16.
    Kang, J.S., Yi, O., Hong, D., et al.: Pseudorandomness of Misty-type Transformations and the Block Cipher KASUMI. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 60–73. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  17. 17.
    Iwata, T., Yagi, T., Kurosawa, K.: On the Pseudorandomness of KASUMI Type Permutations. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 217–289. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  18. 18.
    Vaudenay, S.: On the Lai-Massey Scheme. In: Lam, K.-Y., Okamoto, E., Xing, C. (eds.) ASIACRYPT 1999. LNCS, vol. 1716, pp. 9–19. Springer, Heidelberg (1999)Google Scholar
  19. 19.
    Junod, P., Vaudenay, S.: FOX: a new Family of Block Ciphers. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 131–146. Springer, Heidelberg (2004)Google Scholar
  20. 20.
    Schneier, B., Kelsey, J.: Unbalanced Feistel Networks and Block Cipher Design. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 121–144. Springer, Heidelberg (2005)Google Scholar
  21. 21.
    Adams, C.: Constructing Symmetric Ciphers Using the CAST Design Procedure. Designs, Codes and Cryptography 12(3), 283–316 (1997)zbMATHCrossRefMathSciNetGoogle Scholar
  22. 22.
    MARS Block cipher,
  23. 23.
    Specification of SMS4, Block Cipher for WLAN Products-SMS4 (in Chinese),
  24. 24.
    Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-bit blockcipher CLEFIA (Extended abstract). In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 181–195. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  25. 25.
    Moriai, S., Vaudenay, S.: On the Pseudorandomness of Top-Level Schemes of Block Ciphers. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 289–302. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  26. 26.
    Nyberg, K.: Generlized Feistel networks. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 91–104. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  27. 27.
    Wu, W., Zhang, W., Lin, D.: On the Security of Generalized Feistel Scheme with SP Round Function. International Journal Network Security 2(3), 296–305 (2006)Google Scholar
  28. 28.
    Shirai, T., Shibutani, K.: On Feistel structures using a diffusion switching mechanism. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 41–56. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  29. 29.
    Choy, J., Chew, G., Khoo, K., Yap, H.: Cryptographic Properties and Application of a Generalized Unbalanced Feistel Network Structure. In: Boyd, C., González Nieto, J. (eds.) ACISP 2009. LNCS, vol. 5594, pp. 73–89. Springer, Heidelberg (2009)Google Scholar
  30. 30.
    Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999)Google Scholar
  31. 31.
    Phan, R.C.-W.: Impossible Differential Cryptanalysis of 7-round AES. Information Processing Letters 91(1), 33–38 (2004)zbMATHCrossRefMathSciNetGoogle Scholar
  32. 32.
    Zhang, W., Wu, W., Feng, D.: New Results on Impossible Differential Cryptanalysis of Reduced AES. In: Nam, K.-H., Rhee, G. (eds.) ICISC 2007. LNCS, vol. 4817, pp. 239–250. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  33. 33.
    Wu, W., Zhang, W., Feng, D.: Impossible Differential Cryptanalysis of Reduced-Round ARIA and Camellia. Journal of Computer Science and Technology 22(3), 449–456 (2007)CrossRefGoogle Scholar
  34. 34.
    Tsunoo, Y., Tsujihara, E., Shigeri, M., Saito, T., Suzaki, T., Kubo, H.: Impossible differential cryptanalysis of CLEFIA. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 398–411. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  35. 35.
    Dunkelman, O., Keller, N.: An Improved Impossible Differential Attack on MISTY1. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 441–454. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  36. 36.
    Kim, J.-S., Hong, S.H., Sung, J., Lee, S.-J., Lim, J.-I., Sung, S.H.: Impossible differential cryptanalysis for block cipher structures. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 82–96. Springer, Heidelberg (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Wenling Wu
    • 1
  • Lei Zhang
    • 1
  • Liting Zhang
    • 1
  • Wentao Zhang
    • 1
  1. 1.State Key Laboratory of Information Security, Institute of SoftwareChinese Academy of SciencesBeijingP.R. China

Personalised recommendations