On a Structure of Block Ciphers with Provable Security against Differential and Linear Cryptanalysis

Mitsuru MATSUI  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E82-A   No.1   pp.117-122
Publication Date: 1999/01/25
Online ISSN: 
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
block cipher,  differential cryptanalysis,  linear cryptanalysis,  provable security,  

Full Text: PDF(198.6KB)>>
Buy this Article

We introduce a new methodology for designing block ciphers with provable security against differential and linear cryptanalysis. It is based on three new principles: change of the location of round functions, round functions with recursive structure, and substitution boxes of different sizes. The first realizes parallel computation of the round functions without losing provable security, and the second reduces the size of substitution boxes; moreover, the last is expected to make algebraic attacks difficult. This structure gives us a simple and effective method for designing secure and fast block ciphers in hardware as well as in software implementation. Block encryption algorithm MISTY was designed on the basis of this methodology.