Practical and Provable Security against Differential and Linear Cryptanalysis for Substitution‐Permutation Networks
We examine the diffusion layers of some block ciphers referred to as substitution‐permutation networks. We investigate the practical and provable security of these diffusion layers against differential and linear cryptanalysis. First, in terms of practical security, we show that the minimum number o...
Gespeichert in:
| Veröffentlicht in: | ETRI journal 2001-12, Vol.23 (4), p.158-167 |
|---|---|
| Hauptverfasser: | , , , , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 167 |
|---|---|
| container_issue | 4 |
| container_start_page | 158 |
| container_title | ETRI journal |
| container_volume | 23 |
| creator | Kang, Ju‐Sung Hong, Seokhie Lee, Sangjin Yi, Okyeon Park, Choonsik Lim, Jongin |
| description | We examine the diffusion layers of some block ciphers referred to as substitution‐permutation networks. We investigate the practical and provable security of these diffusion layers against differential and linear cryptanalysis. First, in terms of practical security, we show that the minimum number of differentially active S‐boxes and that of linearly active S‐boxes are generally not identical and propose some special conditions in which those are identical. We also study the optimal diffusion effect for some diffusion layers according to their constraints. Second, we obtain the results that the consecutive two rounds of SPN structure provide provable security against differential and linear cryptanalysis, i.e., we prove that the probability of each differential (resp. linear hull) of the consecutive two rounds of SPN structure with a maximal diffusion layer is bounded by pn (resp. qn) and that of each differential (resp. linear hull) of the SDS function with a semi‐maximal diffusion layer is bounded by pn‐1 (resp. qn‐1), where p and q are maximum differential and linear probabilities of the substitution layer, respectively. |
| doi_str_mv | 10.4218/etrij.01.0101.0402 |
| format | Article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_26901589</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>26901589</sourcerecordid><originalsourceid>FETCH-LOGICAL-c3998-be756d513dba3e4feb427b6e34dced9d6fade8b816e0cc54152679d521213c2b3</originalsourceid><addsrcrecordid>eNqNkM9q3DAQh0VJoJukL9CTLu3NG2kka-1j2SRtYWmX_DmLsTwuSr32VpITfMsj5BnzJF1nF3INDDMMfPNj-Bj7LMVcgyzOKQV_PxdyV1PTAj6wGYBS2UKBOWIzCZBnRhv1kZ3EeC8ECJ0XMzasA7rkHbYcu5qvQ_-AVUv8htwQfBo5_kHfxcQvfNNQoC75A7ryHWHgyzBuE3bYjtFH3vSB3wxVTD4Nyffdy9PzmsJmSDht_Belxz78jWfsuME20qfDPGV3V5e3yx_Z6vf3n8tvq8ypsiyyiha5qXOp6goV6YYqDYvKkNK1o7qsTYM1FVUhDQnnci1zMIuyzkGCVA4qdcq-7nO3of83UEx246OjtsWO-iFaMKWQeVHuQNiDLvQxBmrsNvgNhtFKYSfD9tWwFdJOhu1keHf05ZCOcSewCdg5H98utYRCmSm82HOPvqXxHcn28vYapsfUf36GksA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>26901589</pqid></control><display><type>article</type><title>Practical and Provable Security against Differential and Linear Cryptanalysis for Substitution‐Permutation Networks</title><source>EZB-FREE-00999 freely available EZB journals</source><source>Wiley Online Library (Open Access Collection)</source><creator>Kang, Ju‐Sung ; Hong, Seokhie ; Lee, Sangjin ; Yi, Okyeon ; Park, Choonsik ; Lim, Jongin</creator><creatorcontrib>Kang, Ju‐Sung ; Hong, Seokhie ; Lee, Sangjin ; Yi, Okyeon ; Park, Choonsik ; Lim, Jongin</creatorcontrib><description>We examine the diffusion layers of some block ciphers referred to as substitution‐permutation networks. We investigate the practical and provable security of these diffusion layers against differential and linear cryptanalysis. First, in terms of practical security, we show that the minimum number of differentially active S‐boxes and that of linearly active S‐boxes are generally not identical and propose some special conditions in which those are identical. We also study the optimal diffusion effect for some diffusion layers according to their constraints. Second, we obtain the results that the consecutive two rounds of SPN structure provide provable security against differential and linear cryptanalysis, i.e., we prove that the probability of each differential (resp. linear hull) of the consecutive two rounds of SPN structure with a maximal diffusion layer is bounded by pn (resp. qn) and that of each differential (resp. linear hull) of the SDS function with a semi‐maximal diffusion layer is bounded by pn‐1 (resp. qn‐1), where p and q are maximum differential and linear probabilities of the substitution layer, respectively.</description><identifier>ISSN: 1225-6463</identifier><identifier>EISSN: 2233-7326</identifier><identifier>DOI: 10.4218/etrij.01.0101.0402</identifier><language>eng</language><publisher>Taejon: Electronics and Telecommunications Research Institute</publisher><subject>Applied sciences ; Cryptography ; Exact sciences and technology ; Information, signal and communications theory ; Signal and communications theory ; Telecommunications and information theory</subject><ispartof>ETRI journal, 2001-12, Vol.23 (4), p.158-167</ispartof><rights>2001 ETRI</rights><rights>2002 INIST-CNRS</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c3998-be756d513dba3e4feb427b6e34dced9d6fade8b816e0cc54152679d521213c2b3</citedby><cites>FETCH-LOGICAL-c3998-be756d513dba3e4feb427b6e34dced9d6fade8b816e0cc54152679d521213c2b3</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://onlinelibrary.wiley.com/doi/pdf/10.4218%2Fetrij.01.0101.0402$$EPDF$$P50$$Gwiley$$H</linktopdf><linktohtml>$$Uhttps://onlinelibrary.wiley.com/doi/full/10.4218%2Fetrij.01.0101.0402$$EHTML$$P50$$Gwiley$$H</linktohtml><link.rule.ids>315,781,785,1434,27929,27930,46414,46838</link.rule.ids><backlink>$$Uhttp://pascal-francis.inist.fr/vibad/index.php?action=getRecordDetail&idt=14128369$$DView record in Pascal Francis$$Hfree_for_read</backlink></links><search><creatorcontrib>Kang, Ju‐Sung</creatorcontrib><creatorcontrib>Hong, Seokhie</creatorcontrib><creatorcontrib>Lee, Sangjin</creatorcontrib><creatorcontrib>Yi, Okyeon</creatorcontrib><creatorcontrib>Park, Choonsik</creatorcontrib><creatorcontrib>Lim, Jongin</creatorcontrib><title>Practical and Provable Security against Differential and Linear Cryptanalysis for Substitution‐Permutation Networks</title><title>ETRI journal</title><description>We examine the diffusion layers of some block ciphers referred to as substitution‐permutation networks. We investigate the practical and provable security of these diffusion layers against differential and linear cryptanalysis. First, in terms of practical security, we show that the minimum number of differentially active S‐boxes and that of linearly active S‐boxes are generally not identical and propose some special conditions in which those are identical. We also study the optimal diffusion effect for some diffusion layers according to their constraints. Second, we obtain the results that the consecutive two rounds of SPN structure provide provable security against differential and linear cryptanalysis, i.e., we prove that the probability of each differential (resp. linear hull) of the consecutive two rounds of SPN structure with a maximal diffusion layer is bounded by pn (resp. qn) and that of each differential (resp. linear hull) of the SDS function with a semi‐maximal diffusion layer is bounded by pn‐1 (resp. qn‐1), where p and q are maximum differential and linear probabilities of the substitution layer, respectively.</description><subject>Applied sciences</subject><subject>Cryptography</subject><subject>Exact sciences and technology</subject><subject>Information, signal and communications theory</subject><subject>Signal and communications theory</subject><subject>Telecommunications and information theory</subject><issn>1225-6463</issn><issn>2233-7326</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2001</creationdate><recordtype>article</recordtype><recordid>eNqNkM9q3DAQh0VJoJukL9CTLu3NG2kka-1j2SRtYWmX_DmLsTwuSr32VpITfMsj5BnzJF1nF3INDDMMfPNj-Bj7LMVcgyzOKQV_PxdyV1PTAj6wGYBS2UKBOWIzCZBnRhv1kZ3EeC8ECJ0XMzasA7rkHbYcu5qvQ_-AVUv8htwQfBo5_kHfxcQvfNNQoC75A7ryHWHgyzBuE3bYjtFH3vSB3wxVTD4Nyffdy9PzmsJmSDht_Belxz78jWfsuME20qfDPGV3V5e3yx_Z6vf3n8tvq8ypsiyyiha5qXOp6goV6YYqDYvKkNK1o7qsTYM1FVUhDQnnci1zMIuyzkGCVA4qdcq-7nO3of83UEx246OjtsWO-iFaMKWQeVHuQNiDLvQxBmrsNvgNhtFKYSfD9tWwFdJOhu1keHf05ZCOcSewCdg5H98utYRCmSm82HOPvqXxHcn28vYapsfUf36GksA</recordid><startdate>200112</startdate><enddate>200112</enddate><creator>Kang, Ju‐Sung</creator><creator>Hong, Seokhie</creator><creator>Lee, Sangjin</creator><creator>Yi, Okyeon</creator><creator>Park, Choonsik</creator><creator>Lim, Jongin</creator><general>Electronics and Telecommunications Research Institute</general><scope>IQODW</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SP</scope><scope>8FD</scope><scope>L7M</scope></search><sort><creationdate>200112</creationdate><title>Practical and Provable Security against Differential and Linear Cryptanalysis for Substitution‐Permutation Networks</title><author>Kang, Ju‐Sung ; Hong, Seokhie ; Lee, Sangjin ; Yi, Okyeon ; Park, Choonsik ; Lim, Jongin</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c3998-be756d513dba3e4feb427b6e34dced9d6fade8b816e0cc54152679d521213c2b3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2001</creationdate><topic>Applied sciences</topic><topic>Cryptography</topic><topic>Exact sciences and technology</topic><topic>Information, signal and communications theory</topic><topic>Signal and communications theory</topic><topic>Telecommunications and information theory</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Kang, Ju‐Sung</creatorcontrib><creatorcontrib>Hong, Seokhie</creatorcontrib><creatorcontrib>Lee, Sangjin</creatorcontrib><creatorcontrib>Yi, Okyeon</creatorcontrib><creatorcontrib>Park, Choonsik</creatorcontrib><creatorcontrib>Lim, Jongin</creatorcontrib><collection>Pascal-Francis</collection><collection>CrossRef</collection><collection>Electronics & Communications Abstracts</collection><collection>Technology Research Database</collection><collection>Advanced Technologies Database with Aerospace</collection><jtitle>ETRI journal</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Kang, Ju‐Sung</au><au>Hong, Seokhie</au><au>Lee, Sangjin</au><au>Yi, Okyeon</au><au>Park, Choonsik</au><au>Lim, Jongin</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Practical and Provable Security against Differential and Linear Cryptanalysis for Substitution‐Permutation Networks</atitle><jtitle>ETRI journal</jtitle><date>2001-12</date><risdate>2001</risdate><volume>23</volume><issue>4</issue><spage>158</spage><epage>167</epage><pages>158-167</pages><issn>1225-6463</issn><eissn>2233-7326</eissn><abstract>We examine the diffusion layers of some block ciphers referred to as substitution‐permutation networks. We investigate the practical and provable security of these diffusion layers against differential and linear cryptanalysis. First, in terms of practical security, we show that the minimum number of differentially active S‐boxes and that of linearly active S‐boxes are generally not identical and propose some special conditions in which those are identical. We also study the optimal diffusion effect for some diffusion layers according to their constraints. Second, we obtain the results that the consecutive two rounds of SPN structure provide provable security against differential and linear cryptanalysis, i.e., we prove that the probability of each differential (resp. linear hull) of the consecutive two rounds of SPN structure with a maximal diffusion layer is bounded by pn (resp. qn) and that of each differential (resp. linear hull) of the SDS function with a semi‐maximal diffusion layer is bounded by pn‐1 (resp. qn‐1), where p and q are maximum differential and linear probabilities of the substitution layer, respectively.</abstract><cop>Taejon</cop><pub>Electronics and Telecommunications Research Institute</pub><doi>10.4218/etrij.01.0101.0402</doi><tpages>10</tpages><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1225-6463 |
| ispartof | ETRI journal, 2001-12, Vol.23 (4), p.158-167 |
| issn | 1225-6463 2233-7326 |
| language | eng |
| recordid | cdi_proquest_miscellaneous_26901589 |
| source | EZB-FREE-00999 freely available EZB journals; Wiley Online Library (Open Access Collection) |
| subjects | Applied sciences Cryptography Exact sciences and technology Information, signal and communications theory Signal and communications theory Telecommunications and information theory |
| title | Practical and Provable Security against Differential and Linear Cryptanalysis for Substitution‐Permutation Networks |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-11T16%3A34%3A08IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Practical%20and%20Provable%20Security%20against%20Differential%20and%20Linear%20Cryptanalysis%20for%20Substitution%E2%80%90Permutation%20Networks&rft.jtitle=ETRI%20journal&rft.au=Kang,%20Ju%E2%80%90Sung&rft.date=2001-12&rft.volume=23&rft.issue=4&rft.spage=158&rft.epage=167&rft.pages=158-167&rft.issn=1225-6463&rft.eissn=2233-7326&rft_id=info:doi/10.4218/etrij.01.0101.0402&rft_dat=%3Cproquest_cross%3E26901589%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=26901589&rft_id=info:pmid/&rfr_iscdi=true |