Abstract
SMS4, a block cipher whose global structure adopts a special unbalanced Feistel scheme with an SP round function, is accepted as the Chinese National Standard for securing Wireless LANs. In this paper, in order to evaluate its security against linear cryptanalysis, we examine the upper bound of the maximum linear characteristic probability of SMS4-like ciphers with an SP round function. As for SPN ciphers, it is sufficient to consider the lower bound of the number of linear active s-boxes. We propose a formula to compute the lower bound of the number of linear active s-boxes with regard to the number of rounds. The security threshold of SMS4-like ciphers can be estimated easily with our result. Furthermore, if the number of input words in each round of an SMS4-like cipher is m, we find that, with respect to linear cryptanalysis, it is unnecessary for designers to make the linear branch number of P greater than 2m.
Cite this article
Zhang, B., Jin, C. Practical security against linear cryptanalysis for SMS4-like ciphers with SP round function. Sci. China Inf. Sci. 55, 2161–2170 (2012). https://doi.org/10.1007/s11432-011-4448-8
DOI: https://doi.org/10.1007/s11432-011-4448-8