The Cryptographic Weakness of Lai-Massey Scheme with an Affine but not Orthomorphic Bijection σ
Fu Li-shi, Jin Chen-hui
The Information Engineering University of PLA, Zhengzhou 450004, China

Abstract: Vaudenay (1999) proved that the permutation σ in the Lai-Massey scheme should be an orthomorphism or an almost orthomorphism. This paper focuses on the design principle for the function σ in the Lai-Massey scheme, characterized by the scheme's resistance to differential and linear attacks. It shows that, no matter how the group G is defined, if σ is an affine function on G then it should be an orthomorphism; otherwise there exists a differential characteristic with probability 1 and a linear approximation with correlation coefficient 1, so the scheme carries a potential security risk. Moreover, using the characteristic spectrum on a finite group, a new linear relationship between the input and the output of the Lai-Massey scheme is introduced.
Received: 04 December 2012
Corresponding Authors:
Fu Li-shi
E-mail: fulishil123@sohu.com
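
The abstract's differential claim can be checked exhaustively on a toy instance. The following is an added example, not code from the paper: it assumes G = (GF(2)^8, XOR), the round form (x, y) → (σ(x ⊕ F(x ⊕ y)), y ⊕ F(x ⊕ y)), random round functions F, and two constructed affine bijections `sigma_bad` (not an orthomorphism) and `sigma_good` (an orthomorphism). It covers only the differential half of the claim, not the linear approximation.

```python
import random

N = 8  # toy branch width; G = (GF(2)^8, XOR) is an assumption of this example
SIZE = 1 << N

def sigma_bad(x):
    # constructed: affine bijection, linear part = rotate-left-by-1; not an orthomorphism
    return (((x << 1) | (x >> (N - 1))) & (SIZE - 1)) ^ 0x5A

def sigma_good(x):
    # constructed: multiply by 2 in GF(2^8) mod x^8+x^4+x^3+x+1, plus a constant
    return (((x << 1) & 0xFF) ^ (0x1B if x & 0x80 else 0)) ^ 0x5A

def is_orthomorphism(sigma):
    # sigma and x -> sigma(x) - x (XOR in this group) must both be bijections
    return (len({sigma(x) for x in range(SIZE)}) == SIZE and
            len({sigma(x) ^ x for x in range(SIZE)}) == SIZE)

def fixed_differences(sigma):
    # nonzero d fixed by the linear part L(d) = sigma(d) ^ sigma(0)
    return [d for d in range(1, SIZE) if sigma(d) ^ sigma(0) == d]

def random_round_functions(rounds, seed):
    # arbitrary (random, non-bijective) round functions F_i as lookup tables
    rng = random.Random(seed)
    return [[rng.randrange(SIZE) for _ in range(SIZE)] for _ in range(rounds)]

def lai_massey(x, y, sigma, tables):
    for F in tables:
        t = F[x ^ y]  # x ^ y is unchanged when both halves get the same difference
        x, y = sigma(x ^ t), y ^ t
    return x, y

def characteristic_probability(sigma, d, tables):
    # exhaustive fraction of inputs where input difference (d, d) gives output (d, d)
    hits = 0
    for x in range(SIZE):
        for y in range(SIZE):
            a = lai_massey(x, y, sigma, tables)
            b = lai_massey(x ^ d, y ^ d, sigma, tables)
            hits += (a[0] ^ b[0], a[1] ^ b[1]) == (d, d)
    return hits / SIZE ** 2

if __name__ == "__main__":
    tables = random_round_functions(rounds=4, seed=1)
    for name, sigma in (("sigma_bad", sigma_bad), ("sigma_good", sigma_good)):
        print(name, is_orthomorphism(sigma), fixed_differences(sigma),
              characteristic_probability(sigma, 0xFF, tables))
```

For `sigma_bad` the difference (0xFF, 0xFF) survives every round regardless of F, because 0xFF is fixed by the linear part of σ; `sigma_good` has no such nonzero fixed difference.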