Inefficiency of variant characteristics for substitution-permutation networks with position permutations
In the early '90th E.Biham and A.Shamir for the first time presented new, effective method of the cryptanalysis of the Data Encryption Standard (DES) algorithm — a differential cryptanalysis. This method can be applyed to many types of the algorithms based on substitutions and permutations called the substitution-permutation networks (SPNs).
Together with introducing the differential cryptanalysis appeared a problem of improving resistance of the ciphers against this method of attack. The differential cryptanalysis is based on existance of the differential characteristics. Designing the differential characteristics is a fundamental of the differential cryptanalysis. In this paper we present a kind of extention of the substitution-permutation networks called a position permutation. Applying the position permutations in SPN disables creating the differential characteristics like presented by Biham and Shamir. It is necessary to emphasize that applying the position permutations in the SPN does not change the type of algorithm; it is still the substitution-permutation network.
Differential cryptanalysis of the SPNs with the position permutations can be made with use of so called variant charcteristics. In this paper we show that these characteristics are inefficient and the differential cryptanalysis of the networks with the position permutations is much more difficult than the cryptanalysisof the network without these permutations.
Unable to display preview. Download preview PDF.
- E.Biham, A.Shamir. Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer. Advances in Cryptology — CRYPTO'91, pages 156–171, Springer-Verlag, 1992.Google Scholar
- E.Biham, A.Shamir. Differential cryptanalysis of the Full 16-Round DES. Advances in Cryptolgy — CRYPTO'92, pages 487–496, Springer-Verlag, 1993.Google Scholar
- L.Brown, M.Kwan, J.Pieprzyk, J.Sebbery. Improving Resistance to Differential Cryptoanalysis and the Redesign of LOKI. Advances in Cryptology — ASIACRYPT'91, pages 36–50, Springer-Verlag, 1992.Google Scholar
- L.Brown, J.Seberry. On the design of permutation P in DES type cryptosystems. Advances in Cryptology — EUROCRYPT'89, pages 696–705, Springer-Verlag, 1990.Google Scholar
- C.Carnes, J.Pieprzyk. Linear Nonequivalence versus Nonlinearity. Advances in Cryptology — AUSCRYPT'92, pages 156–164, Springer-Verlag, 1993.Google Scholar
- K.Kim. Construction of DES-like S-boxes Based on Boolean Functions Satisfying the SAC. Advances in Cryptology-ASIACRYPT'91, pages 59–72, Springer-Verlag, 1992.Google Scholar
- L.R.Knudsen. Cryptanalysis of LOKI91. Advances in Cryptology — AUSCRYPT'92, pages 196–208, Springer-Verlag, 1993.Google Scholar
- L.R.Knudsen.Iterative Characteristics of DES and s2-DES. Advances in Cryptology — CRYPTO'92, pages 497–511, Springer-Verlag, 1993.Google Scholar
- M. Matsui. Linear cryptanslysis method for DES cipher. Advances in Cryptology — EUROCRYPT'93, pages 386–397, Springer-Verlag, 1994.Google Scholar
- K.Nyberg, L.R.Knudsen. Provable Security Against Differential Cryptanalysis. Advances in Cryptology — CRYPTO'92, pages 566–574, Springer-Verlag, 1993.Google Scholar