Provable Security Against Differential Cryptanalysis

@inproceedings{Nyberg1992ProvableSA,
  title={Provable Security Against Differential Cryptanalysis},
  author={Kaisa Nyberg and Lars Ramkilde Knudsen},
  booktitle={CRYPTO},
  year={1992}
}
The purpose of this paper is to show that there exist DES-like iterated ciphers, which are provably resistant against differential attacks. The main result on the security of a DES-like cipher with independent round keys is Theorem 1, which gives an upper bound to the probability of r-round differentials, as defined in [3], and this upper bound depends only on the round function of the iterated cipher. Moreover, it is shown that there exist functions such that the probabilities of differentials…
Provable Security for the Skipjack-like Structure against Differential Cryptanalysis and Linear Cryptanalysis
TLDR
It is the main result of this paper that the r-round (r ≥ 15) differential probabilities are bounded by p^4 if the maximum differential probability of a round function is p, and an impossible differential of this structure does not exist if r ≥ 16.
New Structure of Block Ciphers with Provable Security against Differential and Linear Cryptanalysis
  • M. Matsui
  • Computer Science, Mathematics
    FSE
  • 1996
We introduce a methodology for designing block ciphers with provable security against differential and linear cryptanalysis. It is based on three new principles: change of the location of round
Resistance Against General Iterated Attacks
TLDR
The main theorem makes it possible to prove the security against iterated attacks of order d of some recently proposed block ciphers COCONUT98 and PEANUT98, as well as the AES candidate DFC.
Toward Provable Security of Substitution-Permutation Encryption Networks
TLDR
Investigating some security properties of basic substitution-permutation encryption networks by studying the nonlinearity distribution and the XOR table distribution provides some evidence that a basic SPN converges to a randomly generated s-box with the same dimensions as the SPN after a sufficient number of rounds.
Seven New Block Cipher Structures with Provable Security against Differential Cryptanalysis
TLDR
This paper introduces seven new block cipher structures, named Feistel-variant A, B, CLEFIA and MISTY-FO-variants A, B, C, D structures, and shows that these structures are provably resistant against differential cryptanalysis.
Provable Security for Block Ciphers by Decorrelation
TLDR
A new way of protecting block ciphers against classes of attacks (including differential and linear cryptanalysis) is investigated; it is based on the notion of decorrelation, which is fairly connected to Carter-Wegman's notion of universal functions.
Provable Security Against Differential Attacks for Generalized SPN Structures
  • Ruya Fan
  • Computer Science, Mathematics
    Proceedings of the 2019 International Conference on Computer, Network, Communication and Information Systems (CNCI 2019)
  • 2019
TLDR
This work proves that the SPN structure with an extended diffusion layer provides a provable security against differential attack and linear attack and gives the first security evaluation for some SPS structures with the matrix over GF(2) against differential attack.
Provable Security against Differential and Linear Cryptanalysis for the SPN Structure
TLDR
This work proves that the SPN structure with a maximal diffusion layer provides a provable security against differential cryptanalysis and linear cryptanalysis in the sense that the probability of each differential is bounded by p^n, where p (respectively q) is the maximum differential probability of n S-boxes used in the substitution layer.
A Note on the Higher Order Differential Attack of Block Ciphers with Two-Block Structures
TLDR
It is proved that in the case of the 4-round encryption function, these three types provide an equal strength against higher order differential attack and that in the case of 5 or more rounds, R-type is weaker than C-type and L-type, and it is shown that these facts also hold similarly for probabilistic higher order differential attack.
Block Ciphers - A Survey
  • L. Knudsen
  • Computer Science, Mathematics
    State of the Art in Applied Cryptography
  • 1997
TLDR
This paper gives a short overview of the state of the art of secret key block ciphers, namely for encryption, and focuses on the main application of block ciphers for encryption.

References

Markov Ciphers and Differential Cryptanalysis
TLDR
It is shown that PES(8) and PES(16) are immune to differential cryptanalysis after sufficiently many rounds, and a new design principle for Markov ciphers, viz., that their transition probability matrices should not be symmetric is suggested.
Differential Cryptanalysis of the Full 16-Round DES
TLDR
The first known attack is developed which is capable of breaking the full 16 round DES in less than the 2^55 complexity of exhaustive search and can be carried out in parallel on up to 2^33 disconnected processors with linear speedup.
Public Quadratic Polynomial-Tuples for Efficient Signature-Verification and Message-Encryption
TLDR
It is shown that for C* it is practically infeasible to extract the n-tuple of n-variate polynomials representing the inverse of the corresponding public key.
Nonlinearity Criteria for Cryptographic Functions
TLDR
Nonlinearity criteria for Boolean functions are classified in view of their suitability for cryptographic design and two criteria turn out to be of special interest, the distance to linear structures and the distance to affine functions, which are shown to be invariant under all affine transformations.
Perfect Nonlinear S-Boxes
  • K. Nyberg
  • Mathematics, Computer Science
    EUROCRYPT
  • 1991
TLDR
A perfect nonlinear S-box is a substitution transformation with evenly distributed directional derivatives and the number of input variables is at least twice the number of output variables.
On the Construction of Highly Nonlinear Permutations
  • K. Nyberg
  • Computer Science, Mathematics
    EUROCRYPT
  • 1992
TLDR
The substitution boxes of DES are relatively small in dimension and they can be generated by testing randomly chosen functions for required design criteria, but when the dimensions grow larger, analytic construction methods become necessary.
Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. Advances in Cryptology - Eurocrypt '88
  • Finite Fields. Encyclopedia of Mathematics and its applications,
  • 1983