For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
On the Security of Nested SPN Cipher against the Differential and Linear Cryptanalysis
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Publication Date: 2003/01/01
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Category: Symmetric Ciphers and Hash Functions
block cipher, SPN, cryptanalysis,
Full Text: PDF(807.4KB)>>
We extend the theorem by Hong et al. which gives the upper bounds of the maximum average differential and linear hull probabilities (MADP and MALHP) for SPN block cipher with optimal or quasi-optimal diffusion layers, to the case of nested SPN (NSPN) cipher. Applying the extended theorem to two NSPN ciphers, Hierocrypt-3 of 128-bit block and Hierocrypt-L1 of 64-bit block, we estimated that MADP and MALHP for 2-round Hierocrypt-3 are bounded by 2-96, and that those for 2-round Hierocrypt-L1 are bounded by 2-48. The extended theorem is also applied to AES, and found that MADP and MALHP are bounded by 2-96 for its 4-round reduced model. The last result outperforms the best previous result 2-92 for 10-round by Keliher et al.