On maximum differential probability of generalized Feistel

Abstract

The maximum differential probability (MDP) is an important security measure for blockciphers. We investigate MDP of Type-2 generalized Feistel structure (Type-2 GFS), one of the most popular cipher architectures. Previously MDP of Type-2 GFS has been studied for partition number (number of sub-blocks) k = 2 by Aoki and Ohta, and k = 4 by Kim et al. These studies are based on ad-hoc case analysis and it seems rather difficult to analyze larger k by hand. In this paper, we abstract the idea of previous studies and generalize it for any k, and implement it using computers. We investigate Type-2 GFS of k = 4,6,8 and 10 with k + 1 rounds, and obtain O(pk) bound for all cases, when the round function is invertible and its MDP is p. The bound for k = 4 is improved from Kim et al. and those for larger k are new. We also investigate an improvement of Type-2 GFS proposed by Suzaki and Minematsu, and obtain similar bounds as Type-2. © 2011 Springer-Verlag.