Feistel-SPS结构的反弹攻击

doi:10.11999/JEIT151255

Abstract
Figure/Table
References (16)
Related Citation (1)

Download: PDF (414 KB)
Export: BibTeX | EndNote (RIS)

Abstract

This paper shows the rebound attack on the Feistel-SPS structure, which has the Feistel network with a Substitution-Permutation-Substitution (SPS) round function. A 6-round known-key truncated differential distinguisher is obtained by studying the diffusion properties of differences. Based on the distinguisher, a near- collision attack on the compression functions of this structure embedding the Matyas-Meyer-Oseas (MMO) and Miyaguchi-Preneel (MP) modes is given. Besides, the 6-round distinguisher is extended and a 7-round truncated differential path is constructed to get a 7-round truncated differential distinguisher of the compression function for the two modes mentioned before.

Key words： Rebound attack Feistel structure Substitution-Permutation-Substitution (SPS) function Truncated differential distinguisher Near-collision

Received: 09 November 2015 Published: 24 June 2016

PACS:

TN918.4

Fund:

National Natural Science Foundation of China (61402154, U1404601, 11471104, 11171093), Program for Innovative Research Team (in Science and Technology) in University of Henan Province (14IRTSTHN023)

Corresponding Authors: DONG Le E-mail: dongle127@163.com

	Service

	E-mail this article
	Add to my bookshelf
	Add to citation manager
	E-mail Alert
	RSS
	Articles by authors
	DONG Le
	ZOU Jian
	WU Wenling
	DU Jiao

Cite this article:

DONG Le,ZOU Jian,WU Wenling等. Rebound Attack on the Feistel-SPS Structure[J]. JEIT, 2016, 38(8): 1928-1934.

URL:

http://jeit.ie.ac.cn/EN/10.11999/JEIT151255 OR http://jeit.ie.ac.cn/EN/Y2016/V38/I8/1928

[1]	U.S. Department of Commerce and National Institute of Standards and Technology. FIPS PUB 46-3[S]. 1999.
[2]	WU Wenling and ZHANG Lei. LBlock: a lightweight block cipher[C]. 9th International Conference on Applied Cryptography and Network Security-ACNS 2011, Nerja, Spain, 2011: 327-344. doi: 10.1007/978-3-642-21554-4_19.
[3]	BOGDANOV A and SHIBUTANI K. Double SP-functions: enhanced generalized Feistel networks[C]. 16th Australasian Conference on Information Security and Privacy-ACISP 2011, Melbourne, Australia, 2011: 106-119. doi: 10.1007/978-3-642- 22497-3_8.
[4]	SHIBUTANI K, ISOBE T, HIWATARI H, et al. Piccolo: an ultra-lightweight blockcipher[C]. 13th International Workshop on Cryptographic Hardware and Embedded Systems-CHES 2011, Nara, Japan, 2011: 342-357. doi: 10.1007/978-3-642-23951-9_23.
[5]	KNUDSEN L R and RIJMEN V. Known-key distinguishers for some block ciphers[C]. 13th International Conference on the Theory and Application of Cryptology and Information Security-ASIACRYPT 2007, Kuching, Malaysia, 2007: 315-324. doi: 10.1007/978-3-540-76900-2_19.
[6]	BLONDEAU C, PEYRIN T, and WANG L. Known-key distinguisher on full PRESENT[C]. 35th Annual Cryptology Conference on Advances in Cryptology-CRYPTO 2015, Santa Barbara, USA, 2015: 455-474. doi: 10.1007/978-3-662- 47989-6_22.
[7]	ANDREEVA E, BOGDANOV A, and MENNINK B. Towards understanding the known-key security of block ciphers[C]. 20th International Workshop on Fast Software Encryption-FSE 2013, Singapore, 2013: 348-366. doi: 10.1007 /978-3-662-43933-3_18.
[8]	ZHA Daren, WU Shuang, and WANG Qiongxiao. Improved known-key distinguisher on round-reduced 3D block cipher[J]. Chinese Journal of Electronics, 2015, 24(1): 199-204. doi: 10.1049/cje.2015.01.033.
[9]	AOKI K. A property for full CLEFIA-128 detected by a middletext distinguisher under the known-key setting[J]. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2014, 97(1): 292-297. doi: 10.1587/transfun.E97.A.292.
[10]	SASAKI Y and YASUDA K. Known-key distinguishers on 11-round Feistel and collision attacks on its hashing modes[C]. 18th International Workshop on Fast Software Encryption- FSE 2011, Lyngby, Denmark, 2011: 397-415. doi: 10.1007/ 978-3-642-21702-9_23.
[11]	HYUNGCHUL K, DEUKJO H, DUKJAE M, et al. Known-key attacks on generalized Feistel schemes with SP round function[J]. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2012, 95(9): 1550-1560. doi: 10.1587/transfun.E95.A.1550.
[12]	DONG Le, WU Wenling, WU Shuang, et al. Known-key distinguishers on type-1 Feistel scheme and near-collision attacks on its hashing modes[J]. Frontiers of Computer Science, 2014, 8(3): 513-525. doi: 10.1007/s11704-014-2412-7.
[13]	DONG Le, WANG Yanling, WU Wenling, et al. Known-key distinguishers on 15-round 4-branch type-2 generalised Feistel networks with single substitution-permutation functions and near-collision attacks on its hashing modes[J]. IET Information Security, 2015, 9(5): 277-283. doi: 10.1049/ iet-ifs.2014.0402.
[14]	SASAKI Y. Double-sp is weaker than single-sp: rebound attacks on Feistel ciphers with several rounds[C]. 13th International Conference on Progress in Cryptology- INDOCRYPT 2012, Kolkata, India, 2012: 265-282. doi: 10.1007/978-3-642-34931-7_16.
[15]	MENDEL F, RECHBERGER C, SCHLÄFFER M, et al. The rebound attack: cryptanalysis of reduced Whirlpool and Grøstl[C]. 16th International Workshop on Fast Software Encryption-FSE 2009, Leuven, Belgium, 2009: 260-276. doi: 10.1007/978-3-642-03317-9_16.
[16]	SASAKI Y, LI Y, WANG L, et al. Non-full-active Super-Sbox analysis: applications to ECHO and Grøstl[C]. 16th International Conference on Advances in Cryptology- ASIACRYPT 2010, Singapore, 2010: 38-55. doi: 10.1007/ 978-3-642-17373-8_3.