Square reflection cryptanalysis of 5-round Feistel networks with permutations

Kara, Orhun
In this work, we introduce a new generic attack on 5-round Feistel networks whose round functions are random permutations, under the condition that the second and the fourth round keys are equal. The attack is a combination of the square attack technique with the reflection attack technique and exploits the unbalanced distribution of the fixed points of the inner rounds among all the keys. The data complexity of the attack is inverted right perpendicular4m/ninverted left perpendicular2(n/2) chosen plaintexts where inverted right perpendicular4m/2inverted left perpendicular is the smallest integer bigger than or equal to 4m/n, m is the length of a round key and n is the block length of the Feistel network. We utilize Hellman tables to construct a tradeoff between the time complexity and the memory complexity of the attack which are 2(3m-2M-1) and 2(M) respectively where M is the tradeoff parameter. The number of weak keys is 2(k-m) where k is the key length. As a concrete example, we mount the attack on 5-round DEAL. Our attack has overall complexity of 2(65) and works on a key set of cardinality 2(72) for 128-bit key length.


Statistical analysis of block ciphers and hash functions
Sulak, Fatih; Doğanaksoy, Ali; Department of Cryptography (2011)
One of the most basic properties expected from block ciphers and hash functions is passing statistical randomness testing, as they are supposed to behave like random mappings. Previously, testing of AES candidate block ciphers was done by using the statistical tests defined in the NIST Test Suite. As some of the tests in this suite require long sequences, data sets are formed by concatenating the outputs of the algorithms obtained from various input types. However, the nature of block cipher and hash functi...
Integrable KdV systems: Recursion operators of degree four
Gurses, M; Karasu, Atalay (1999-01-25)
The recursion operator and bi-Hamiltonian formulation of the Drinfeld-Sokolov system are given. (C) 1999 Elsevier Science B.V.
Differential Attacks on Lightweight Block Ciphers PRESENT, PRIDE, and RECTANGLE Revisited
Tezcan, Cihangir; Senol, Asuman; Dogan, Erol; Yucebas, Furkan; Baykal, Nazife (2016-09-21)
Differential distribution and linear approximation tables are the main security criteria for S-box designers. However, there are other S-box properties that, if overlooked by cryptanalysts, can result in erroneous results in theoretical attacks. In this paper we focus on two such properties, namely undisturbed bits and differential factors. We go on to identify several inconsistencies in published attacks against the lightweight block ciphers PRESENT, PRIDE, and RECTANGLE and present our corrections.
Nonlinearity preserving post-transformations
Sertkaya, İsa; Doğanaksoy, Ali; Department of Cryptography (2004)
Boolean functions are accepted to be cryptographically strong if they satisfy some common pre-determined criteria. It is expected that any design criteria should remain invariant under a large group of transformations due to the theory of similarity of secrecy systems proposed by Shannon. One of the most important design criteria for cryptographically strong Boolean functions is the nonlinearity criterion. Meier and Staffelbach studied nonlinearity preserving transformations, by considering the invertible t...
Efe, Giray; Cenk, Murat; Department of Cryptography (2022-3-07)
Polynomial multiplication on the quotient ring Z[x]/<x^n+-1> is one of the most fundamental, general-purpose operations frequently used in cryptographic algorithms. Therefore, a possible improvement over a multiplication algorithm directly affects the performance of algorithms used in a cryptographic application. Well-known multiplication algorithms such as Schoolbook, Karatsuba, and Toom-Cook are dominant choices against NTT in small and ordinary input sizes. On the other hand, how these approaches are imp...
Citation Formats
O. Kara, “Square reflection cryptanalysis of 5-round Feistel networks with permutations,” INFORMATION PROCESSING LETTERS, pp. 827–831, 2013, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/63580.