A New Method for Finding Impossible Differentials of Generalized Feistel Structures

Impossible differential cryptanalysis is one of the most powerful attacks against modern block ciphers. In most cases, the resistance of a block cipher against impossible differential cryptanalysis can be measured by the length of the longest impossible differentials. By taking a closer look into the round function, we present a new method to find longer impossible differentials of wordoriented generalized Feistel structures. We conclude the existence of impossible differentials by the nonzero points of the XOR-ed masked differences in the middle round. This method uses differential style and its nonzero point to find the impossible differential, which is much easier than the classical impossible differential searching method. By applying our method, we can find several longest impossible differentials of some famous block cipher structures with SP (Substitution-permutation) round functions. If some extra conditions of the round function are taken into consideration (e.g. the permutation layer is designed as binary matrix or some sparse matrix), longer impossible differentials could be achieved by our method.