Abstract
This work aims at determining when the two-round maximum expected differential probability in an SPN with an MDS diffusion layer is achieved by a differential having the fewest possible active Sboxes. This question arises from the fact that minimum-weight differentials include the best differentials for the AES and several variants. However, we exhibit some SPN for which the two-round MEDP is achieved by some differentials involving a number of active Sboxes which exceeds the branch number of the linear layer. On the other hand, we also prove that, for some particular families of Sboxes, the two-round MEDP is always achieved for minimum-weight differentials.
Partially supported by the French Agence Nationale de la Recherche through the BLOC project under Contract ANR-11-INS-011.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Augot, D., Finiasz, M.: Direct Construction of Recursive MDS Diffusion Layers using Shortened BCH Codes. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 3–17. Springer, Heidelberg (2015)
Bending, T.D., Fon-Der-Flaass, D.: Crooked Functions, Bent Functions, and Distance Regular Graphs. Electr. J. Comb. 5 (1998)
Berger, T.P.: Construction of recursive MDS diffusion layers from Gabidulin codes. In: Paul, G., Vaudenay, S. (eds.) INDOCRYPT 2013. LNCS, vol. 8250, pp. 274–285. Springer, Heidelberg (2013)
Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. Journal of Cryptology, 3–72 (1991)
Bogdanov, A.A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C.: PRESENT: An ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)
Brinkmann, M., Leander, G.: On the classification of APN functions up to dimension five. Designs, Codes and Cryptography 49(1-3), 273–288 (2008)
Canteaut, A., Charpin, P.: Decomposing bent functions. IEEE Transactions on Information Theory 49(8), 2004–2019 (2003)
Canteaut, A., Roué, J.: On the behaviors of affine equivalent sboxes regarding differential and linear attacks. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 45–74. Springer, Heidelberg (2015)
Chun, K., Kim, S., Lee, S., Sung, S.H., Yoon, S.: Differential and linear cryptanalysis for 2-round SPNs. Inf. Process. Lett. 87(5), 277–282 (2003)
Daemen, J.: Cipher and hash function design strategies based on linear and differential cryptanalysis. Ph.D. thesis, K.U. Leuven (1995)
Daemen, J., Rijmen, V.: The Wide Trail Design Strategy. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 222–238. Springer, Heidelberg (2001)
Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Information Security and Cryptography. Springer (2002)
Daemen, J., Rijmen, V.: Understanding Two-Round Differentials in AES. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 78–94. Springer, Heidelberg (2006)
Daemen, J., Rijmen, V.: Correlation Analysis in GF(2n). In: Advanced Linear Cryptanalysis of Block and Stream Ciphers. Cryptology and information security, pp. 115–131. IOS Press (2011)
Hong, S.H., Lee, S.-J., Lim, J.-I., Sung, J., Cheon, D.H., Cho, I.: Provable Security against Differential and Linear Cryptanalysis for the SPN Structure. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 273–283. Springer, Heidelberg (2001)
Kavun, E.B., Lauridsen, M.M., Leander, G., Rechberger, C., Schwabe, P., Yalçın, T.: Prøst v1.1. Submission to the CAESAR competition (2014), http://proest.compute.dtu.dk/proestv11.pdf
Keliher, L., Sui, J.: Exact maximum expected differential and linear probability for two-round Advanced Encryption Standard. IET Information Security 1(2), 53–57 (2007)
Kyureghyan, G.M.: Crooked maps in \({F}_{2^n}\). Finite Fields and Their Applications 13(3), 713–726 (2007)
Lai, X., Massey, J.L., Murphy, S.: Markov ciphers and differential cryptanalysis. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 17–38. Springer, Heidelberg (1991)
MacWilliams, F., Sloane, N.: The Theory of Error-Correcting Codes, vol. 16. North-Holland (1977)
Park, S., Sung, S.H., Lee, S.-J., Lim, J.-I.: Improving the Upper Bound on the Maximum Differential and the Maximum Linear Hull Probability for SPN Structures and AES. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 247–260. Springer, Heidelberg (2003)
Sajadieh, M., Dakhilalian, M., Mala, H., Sepehrdad, P.: Efficient recursive diffusion layers for block ciphers and hash functions. J. Cryptology 28(2), 240–256 (2015)
Shibutani, K., Bogdanov, A.: Towards the optimality of Feistel ciphers with substitution-permutation functions. Des. Codes Cryptography 73(2), 667–682 (2014), http://dx.doi.org/10.1007/s10623-014-9970-4
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Canteaut, A., Roué, J. (2015). Differential Attacks Against SPN: A Thorough Analysis. In: El Hajji, S., Nitaj, A., Carlet, C., Souidi, E. (eds) Codes, Cryptology, and Information Security. C2SI 2015. Lecture Notes in Computer Science(), vol 9084. Springer, Cham. https://doi.org/10.1007/978-3-319-18681-8_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-18681-8_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-18680-1
Online ISBN: 978-3-319-18681-8
eBook Packages: Computer ScienceComputer Science (R0)