Abstract
A block cipher, which is an important cryptographic primitive, is a bijective mapping from {0, 1}N to {0,1}N (N is called the block size), parameterized by a key. In the true random cipher, each key results in a distinct mapping, and every mapping is realized by some key—this is generally taken to be the ideal cipher model. This chapter considers a fundamental block cipher architecture called a substitution-permutation network (SPN). Specifically, expected linear probability (ELP) values for SPNs, which are the basis for a powerful attack called linear cryptanalysis, are investigated. It is shown that if the substitution components (s-boxes) of an SPN are randomly selected, then the expected value of any ELP entry converges to the corresponding value for the true random cipher, as the number of encryption rounds is increased. This gives quantitative support to the claim that the SPN structure is a practical approximation of the true random cipher.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
C. M. Adams, A Formal and Practical Design Procedure for Substitution-permutation Network Cryptosystems, Ph.D. Thesis, Queen’s University, Kingston, Canada, 1990.
E. Biham, On Matsui’s linear cryptanalysis, Advances in Cryptology EUROCRYPT’94, LNCS 950, Springer-Verlag, pp. 341–355, 1995.
E. Biham and A. Shamir, Differential cryptanalysis of DES-like cryptosystems, Journal of Cryptology, Vol. 4, No. 1, pp. 3–72, 1991.
Z. G. Chen and S.E. Tavares, Towards provable security of substitution-permutation encryption networks, Fifth Annual International Workshop on Selected Areas in Cryptography (SAC’98), LNCS 1556, Springer-Verlag, pp. 43–56, 1999.
J. Daemen, R. Govaerts, and J. Vandewalle, Correlation matrices, Fast Software Encryption : Second International Workshop, LNCS 1008, Springer-Verlag, pp. 275–285, 1995.
H. Feistel, Cryptography and computer privacy, Scientific American, Vol. 228, No. 5, pp. 15–23, May 1973.
H. Feistel, Advanced Encryption Standard (AES), Federal Information Processing Standards Publication 197, U.S. Department of Commerce, National Institute of Standards and Technology, Information Technology Laboratory, Gaithersburg, Maryland, 2001.
H. M. Heys and S. E. Tavares, Substitution-permutation networks resistant to differential and linear cryptanalysis, Journal of Cryptology, Vol. 9, No. 1, pp. 1–19, 1996.
S. Hong, S. Lee, J. Lim, J. Sung, and D. Cheon, Provable security against differential and linear cryptanalysis for the SPN structure, Fast Software Encryption (FSE 2000), LNCS 1978, Springer-Verlag, pp. 273–283, 2001.
J. B. Kam and G. I. Davida, Structured design of substitutionpermutation encryption networks, IEEE Transactions on Computers, Vol. C-28, No. 10, pp. 747–753, October 1979.
L. Keliher, H. Meijer, and S. Tavares, Modeling linear characteristics of substitution-permutation networks, Sixth Annual International Workshop on Selected Areas in Cryptography (SAC’99), LNCS 1758, Springer-Verlag, pp. 78–91, 2000.
L. Keliher, H. Meijer, and S. Tavares, New method for upper bounding the maximum average linear hull probability for SPNs, Advances in Cryptology-EUROCRYPT 2001, LNCS 2045, Springer-Verlag, pp. 420–436, 2001.
M. G. Kendall, The Advanced Theory of Statistics, Volume I, Charles Griffin & Company Limited, 1943.
L. R. Knudsen, Practically secure Feistel ciphers, Fast Software Encryption, LNCS 809, Springer-Verlag, pp. 211–221, 1994.
X. Lai, J. Massey, and S. Murphy, Markov ciphers and differential cryptanalysis, Advances in Cryptology EUROCRYPT’91, LNCS 547, Springer-Verlag, pp. 17–38, 1991.
M. Matsui, Linear cryptanalysis method for DES cipher, Advances in Cryptology EUROCRYPT’93, LNCS 765, SpringerVerlag, pp. 386–397, 1994.
M. Matsui, On correlation between the order of s-boxes and the strength of DES, Advances in Cryptology EUROCRYPT’94, LNCS 950, Springer-Verlag, pp. 366–375, 1995.
W. Meier and O. Staffelbach, Nonlinearity criteria for cryptographic functions, Advances in Cryptology EUROCRYPT’89, LNCS 434, Springer-Verlag, pp. 549–562, 1990.
A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996.
K. Nyberg, Linear approximation of block ciphers, Advances in Cryptology EUROCRYPT’94, LNCS 950, Springer-Verlag, pp. 439–444, 1995.
L. O’Connor, Properties of linear approximation tables, Fast Software Encryption : Second International Workshop, LNCS 1008, Springer-Verlag, pp. 131–136, 1995.
C. E. Shannon, Communication theory of secrecy systems, Bell System Technical Journal, Vol. 28, no. 4, pp. 656–715, 1949.
S. Vaudenay, On the security of CS-Cipher, Fast Software Encryption (FSE’99), LNCS 1636, Springer-Verlag, pp. 260–274, 1999.
A. M. Youssef, Analysis and Design of Block Ciphers, Ph.D. Thesis, Queen’s University, Kingston, Canada, 1997.
A. M. Youssef and S.E. Tavares, Resistance of balanced s-boxes to linear and differential cryptanalysis, Information Processing Letters, Vol. 56, pp. 249–252, 1995.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer Science+Business Media New York
About this chapter
Cite this chapter
Keliher, L., Meijer, H., Tavares, S. (2003). Toward the True Random Cipher: On Expected Linear Probability Values for SPNS with Randomly Selected S-Boxes. In: Bhargava, V.K., Poor, H.V., Tarokh, V., Yoon, S. (eds) Communications, Information and Network Security. The Springer International Series in Engineering and Computer Science, vol 712. Springer, Boston, MA. https://doi.org/10.1007/978-1-4757-3789-9_8
Download citation
DOI: https://doi.org/10.1007/978-1-4757-3789-9_8
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5318-6
Online ISBN: 978-1-4757-3789-9
eBook Packages: Springer Book Archive