14 results sorted by ID
Possible spell-corrected query: gf
Quantum Attacks on Type-1 Generalized Feistel Schemes
Hong-Wei Sun, Bin-Bin Cai, Su-Juan Qin, Qiao-Yan Wen, Fei Gao
Attacks and cryptanalysis
Generalized Feistel schemes (GFSs) are extremely important and extensively researched cryptographic schemes. In this paper, we investigate the security of Type-1 GFS in quantum circumstances. On the one hand, in the qCCA setting, we give a new quantum polynomial-time distinguisher on $(d^2-1)$-round Type-1 GFS with branches $d\geq3$, which extends the previous results by $(d-2)$ rounds. This leads to a more efficient analysis of type-1 GFS, that is, the complexity of some previous...
Throwing Boomerangs into Feistel Structures: Application to CLEFIA, WARP, LBlock, LBlock-s and TWINE
Hosein Hadipour, Marcel Nageler, Maria Eichlseder
Attacks and cryptanalysis
Automatic tools to search for boomerang distinguishers have seen significant advances over the past few years. However, most previous work has focused on ciphers based on a Substitution Permutation Network (SPN), while analyzing the Feistel structure is of great significance. Boukerrou et al. recently provided a theoretical framework to formulate the boomerang switch over multiple Feistel rounds, but they did not provide an automatic tool to find distinguishers. In this paper, by enhancing...
A Deep Learning Approach for Active S-box Prediction of Lightweight Generalized Feistel Block Ciphers
Mohamed Fadl Idris, Je Sen Teh, Jasy Liew Suet Yan, Wei-Zhu Yeoh
Secret-key cryptography
Block cipher resistance against differential cryptanalysis is commonly assessed by counting the number of active substitution boxes (S-boxes) using search algorithms or mathematical solvers that incur high computational costs. In this paper, we propose an alternative approach using deep neural networks to predict the number of active S-boxes, trading off exactness for real-time efficiency as the bulk of computational work is brought over to pre-processing (training). Active S-box prediction...
Assessing Lightweight Block Cipher Security using Linear and Nonlinear Machine Learning Classifiers
Ting Rong Lee, Je Sen Teh, Norziana Jamil, Jasy Liew Suet Yan, Jiageng Chen
Secret-key cryptography
In this paper, we investigate the use of machine learning classifiers to assess block cipher security from the perspective of differential cryptanalysis. These classifiers were trained using common block cipher features (number of rounds, permutation pattern, truncated input and output differences), making our approach generalizable to an entire class of ciphers. Each data sample represents a truncated differential path, for which the level of security is labelled as secure or insecure by...
Integral Cryptanalysis of Reduced-Round Tweakable TWINE
Muhammad ElSheikh, Amr M. Youssef
Secret-key cryptography
textsf{Tweakable TWINE} is the first lightweight dedicated tweakable block cipher family built on Generalized Feistel Structure (GFS). \twine family is an extension of the conventional block cipher \textsf{TWINE} with minimal modification by adding a simple tweak based on the SKINNY's tweakey schedule. Similar to \textsf{TWINE}, \twine has two variants, namely \twine[80] and \twine[128]. The two variants have the same block size of 64 bits and a variable key length of 80 and 128 bits. In...
Impossible Differential Cryptanalysis of Reduced-Round Tweakable TWINE
Mohamed Tolba, Muhammad ElSheikh, Amr M. Youssef
Secret-key cryptography
Tweakable TWINE (T-TWINE) is a new lightweight tweakable block cipher family proposed by Sakamoto $et$ $al$. at IWSEC 2019. T-TWINE is the first Tweakable Block Cipher (TBC) that is built on Generalized Feistel Structure (GFS). It is based on the TWINE block cipher in addition to a simple tweak scheduling based on SKINNY’s tweakey schedule. Similar to TWINE, it has two versions, namely, T-TWINE-80 and T-TWINE-128, both have a block length of 64 bits and employ keys of length 80 and 128 bits,...
Lightweight Iterative MDS Matrices: How Small Can We Go?
Shun Li, Siwei Sun, Danping Shi, Chaoyun Li, Lei Hu
Secret-key cryptography
As perfect building blocks for the diffusion layers of many symmetric-key primitives, the construction of MDS matrices with light-weight circuits has received much attention from the symmetric-key community. One promising way of realizing low-cost MDS matrices is based on the iterative construction: a low-cost matrix becomes MDS after rising it to a certain power. To be more specific, if $A^t$ is MDS, then one can implement $A$ instead of $A^t$ to achieve the MDS property at the expense of...
Improved quantum attack on Type-1 Generalized Feistel Schemes and Its application to CAST-256
Boyu Ni, Xiaoyang Dong
Secret-key cryptography
Generalized Feistel Schemes (GFS) are important components of symmetric ciphers, which have been extensively researched in classical setting. However, the security evaluations of GFS in quantum setting are rather scanty.
In this paper, we give more improved polynomial-time quantum distinguishers on Type-1 GFS in quantum
chosen-plaintext attack (qCPA) setting and quantum chosen-ciphertext attack (qCCA) setting.
In qCPA setting, we give new quantum polynomial-time distinguishers on...
Construction of MDS Matrices from Generalized Feistel Structures
Mahdi Sajadieh, Mohsen Mousavi
Implementation
This paper investigates the construction of MDS matrices
with generalized Feistel structures (GFS).
The approach developed by this paper consists
in deriving MDS matrices from the product of several sparser ones. This can be
seen as a generalization to several matrices of the recursive construction
which derives MDS matrices as the powers of a single companion matrix.
The first part of this paper gives some theoretical results on the iteration of GFS.
In second part, using GFS and...
Using MILP in Analysis of Feistel Structures and Improving Type II GFS by Switching Mechanism
Mahdi Sajadieh, Mohammad Vaziri
Some features of Feistel structures have caused them to be considered as an efficient structure for design of block ciphers. Although several structures are proposed relied on Feistel structure, the type-II generalized Feistel structures (GFS) based on SP-functions are more prominent. Because of difference cancellation, which occurs in Feistel structures, their resistance against differential and linear attack is not as expected. Hitherto, to improve the immunity of Feistel structures...
Quantum cryptanalysis on some Generalized Feistel Schemes
Xiaoyang Dong, Zheng Li, Xiaoyun Wang
Secret-key cryptography
Post-quantum cryptography has attracted much attention from worldwide cryptologists.
In ISIT 2010, Kuwakado and Morii gave a quantum distinguisher with polynomial time against 3-round Feistel networks. However, generalized Feistel schemes (GFS) have not been systematically investigated against quantum attacks.
In this paper, we study the quantum distinguishers about some generalized Feistel schemes. For $d$-branch Type-1 GFS (CAST256-like Feistel structure), we introduce ($2d-1$)-round...
Improved Differential Cryptanalysis on Generalized Feistel Schemes
Ivan Tjuawinata, Tao Huang, Hongjun Wu
Secret-key cryptography
Nachef et al used differential cryptanalysis to study four types of Generalized Feistel Scheme (GFS). They gave the lower bound of maximum number of rounds that is indistinguishable from a random permutation. In this paper, we study the security of several types of GFS by exploiting the asymmetric property. We show that better lower bounds can be achieved for the Type-1 GFS, Type-3 GFS and Alternating Feistel Scheme. Furthermore, we give the first general results regarding to the lower bound...
sLiSCP: Simeck-based Permutations for Lightweight Sponge Cryptographic Primitives
Riham AlTawy, Raghvendra Rohit, Morgan He, Kalikinkar Mandal, Gangqiang Yang, Guang Gong
Secret-key cryptography
In this paper, we propose a family of lightweight cryptographic permutations called sLiSCP, with the sole aim to provide a realistic minimal design}that suits a variety of lightweight device applications. More precisely, we argue that for such devices the chip area dedicated for security purposes should, not only be consumed by an encryption or hashing algorithm, but also provide as many cryptographic functionalities as possible. Our main contribution is the design of a lightweight...
Simpira v2: A Family of Efficient Permutations Using the AES Round Function
Shay Gueron, Nicky Mouha
This paper introduces Simpira, a family of cryptographic permutations that supports inputs of $128 \times b$ bits, where $b$ is a positive integer. Its design goal is to achieve high throughput on virtually all modern 64-bit processors, that nowadays already have native instructions for AES. To achieve this goal, Simpira uses only one building block: the AES round function. For $b=1$, Simpira corresponds to 12-round AES with fixed round keys, whereas for $b\ge 2$, Simpira is a Generalized...
Generalized Feistel schemes (GFSs) are extremely important and extensively researched cryptographic schemes. In this paper, we investigate the security of Type-1 GFS in quantum circumstances. On the one hand, in the qCCA setting, we give a new quantum polynomial-time distinguisher on $(d^2-1)$-round Type-1 GFS with branches $d\geq3$, which extends the previous results by $(d-2)$ rounds. This leads to a more efficient analysis of type-1 GFS, that is, the complexity of some previous...
Automatic tools to search for boomerang distinguishers have seen significant advances over the past few years. However, most previous work has focused on ciphers based on a Substitution Permutation Network (SPN), while analyzing the Feistel structure is of great significance. Boukerrou et al. recently provided a theoretical framework to formulate the boomerang switch over multiple Feistel rounds, but they did not provide an automatic tool to find distinguishers. In this paper, by enhancing...
Block cipher resistance against differential cryptanalysis is commonly assessed by counting the number of active substitution boxes (S-boxes) using search algorithms or mathematical solvers that incur high computational costs. In this paper, we propose an alternative approach using deep neural networks to predict the number of active S-boxes, trading off exactness for real-time efficiency as the bulk of computational work is brought over to pre-processing (training). Active S-box prediction...
In this paper, we investigate the use of machine learning classifiers to assess block cipher security from the perspective of differential cryptanalysis. These classifiers were trained using common block cipher features (number of rounds, permutation pattern, truncated input and output differences), making our approach generalizable to an entire class of ciphers. Each data sample represents a truncated differential path, for which the level of security is labelled as secure or insecure by...
textsf{Tweakable TWINE} is the first lightweight dedicated tweakable block cipher family built on Generalized Feistel Structure (GFS). \twine family is an extension of the conventional block cipher \textsf{TWINE} with minimal modification by adding a simple tweak based on the SKINNY's tweakey schedule. Similar to \textsf{TWINE}, \twine has two variants, namely \twine[80] and \twine[128]. The two variants have the same block size of 64 bits and a variable key length of 80 and 128 bits. In...
Tweakable TWINE (T-TWINE) is a new lightweight tweakable block cipher family proposed by Sakamoto $et$ $al$. at IWSEC 2019. T-TWINE is the first Tweakable Block Cipher (TBC) that is built on Generalized Feistel Structure (GFS). It is based on the TWINE block cipher in addition to a simple tweak scheduling based on SKINNY’s tweakey schedule. Similar to TWINE, it has two versions, namely, T-TWINE-80 and T-TWINE-128, both have a block length of 64 bits and employ keys of length 80 and 128 bits,...
As perfect building blocks for the diffusion layers of many symmetric-key primitives, the construction of MDS matrices with light-weight circuits has received much attention from the symmetric-key community. One promising way of realizing low-cost MDS matrices is based on the iterative construction: a low-cost matrix becomes MDS after rising it to a certain power. To be more specific, if $A^t$ is MDS, then one can implement $A$ instead of $A^t$ to achieve the MDS property at the expense of...
Generalized Feistel Schemes (GFS) are important components of symmetric ciphers, which have been extensively researched in classical setting. However, the security evaluations of GFS in quantum setting are rather scanty. In this paper, we give more improved polynomial-time quantum distinguishers on Type-1 GFS in quantum chosen-plaintext attack (qCPA) setting and quantum chosen-ciphertext attack (qCCA) setting. In qCPA setting, we give new quantum polynomial-time distinguishers on...
This paper investigates the construction of MDS matrices with generalized Feistel structures (GFS). The approach developed by this paper consists in deriving MDS matrices from the product of several sparser ones. This can be seen as a generalization to several matrices of the recursive construction which derives MDS matrices as the powers of a single companion matrix. The first part of this paper gives some theoretical results on the iteration of GFS. In second part, using GFS and...
Some features of Feistel structures have caused them to be considered as an efficient structure for design of block ciphers. Although several structures are proposed relied on Feistel structure, the type-II generalized Feistel structures (GFS) based on SP-functions are more prominent. Because of difference cancellation, which occurs in Feistel structures, their resistance against differential and linear attack is not as expected. Hitherto, to improve the immunity of Feistel structures...
Post-quantum cryptography has attracted much attention from worldwide cryptologists. In ISIT 2010, Kuwakado and Morii gave a quantum distinguisher with polynomial time against 3-round Feistel networks. However, generalized Feistel schemes (GFS) have not been systematically investigated against quantum attacks. In this paper, we study the quantum distinguishers about some generalized Feistel schemes. For $d$-branch Type-1 GFS (CAST256-like Feistel structure), we introduce ($2d-1$)-round...
Nachef et al used differential cryptanalysis to study four types of Generalized Feistel Scheme (GFS). They gave the lower bound of maximum number of rounds that is indistinguishable from a random permutation. In this paper, we study the security of several types of GFS by exploiting the asymmetric property. We show that better lower bounds can be achieved for the Type-1 GFS, Type-3 GFS and Alternating Feistel Scheme. Furthermore, we give the first general results regarding to the lower bound...
In this paper, we propose a family of lightweight cryptographic permutations called sLiSCP, with the sole aim to provide a realistic minimal design}that suits a variety of lightweight device applications. More precisely, we argue that for such devices the chip area dedicated for security purposes should, not only be consumed by an encryption or hashing algorithm, but also provide as many cryptographic functionalities as possible. Our main contribution is the design of a lightweight...
This paper introduces Simpira, a family of cryptographic permutations that supports inputs of $128 \times b$ bits, where $b$ is a positive integer. Its design goal is to achieve high throughput on virtually all modern 64-bit processors, that nowadays already have native instructions for AES. To achieve this goal, Simpira uses only one building block: the AES round function. For $b=1$, Simpira corresponds to 12-round AES with fixed round keys, whereas for $b\ge 2$, Simpira is a Generalized...
