New property of diffusion switching mechanism on CLEFIA and its application to DFA

Abstract

In this paper, we show a new property for the diffusion switching mechanism (DSM) which was proposed by Shirai and Shibutani in 2006, and propose new differential fault attacks (DFAs) on CLEFIA. The DSM is an effective mechanism to design Feistel ciphers, and Feistel ciphers using the DSM are more secure against the differential and the linear cryptanalysis. By applying the DSM to the generalized Feistel network, Shirai et al. proposed a 128-bit block cipher CLEFIA which was adopted as an ISO standard. Shirai and Shibutani proposed two types DSMs; one is using two matrices and the other is using three matrices. It was considered that the security difference between two types DSMs was quite small. In this paper, we propose a new property for the DSM. Our property can be applied to two types DSMs, in particular, it can be applied to the one using two matrices efficiently. We show a small security advantage of the DSM using three matrices, and our results contribute to the comprehension of the DSM. Moreover we can improve DFAs on CLEFIA by using our property. Existing DFAs can not execute without exploiting several faults induced after the 14-th round, but our new DFAs can execute by exploiting several faults induced after the 12-th round. The position where several faults are induced of new DFAs is improved, and it is two rounds earlier than that of existing works. © 2013 Springer-Verlag.