A practical measure to estimate the immunity of block ciphers against differential and linear attacks consists of finding the minimum number of active S-Boxes, or a lower bound for this minimum number. The evaluation result of lower bounds of differentially active S-boxes of AES, Camellia (without FL/FL-1) and Feistel ciphers with an MDS based matrix of branch number 9, showed that the percentage of active S-boxes in Feistel ciphers is lower than in AES. The cause is a difference cancellation property which can occur at the XOR operation in the Feistel structure. In this paper we propose a new design strategy to avoid such difference cancellation by employing multiple MDS based matrices in the diffusion layer of the F-function. The effectiveness of the proposed method is confirmed by an experimental result showing that the percentage of active S-boxes of the newly designed Feistel cipher becomes the same as for the AES. © International Association for Cryptologic Research 2004.
CITATION STYLE
Shirai, T., & Shibutani, K. (2004). Improving immunity of Feistel ciphers against differential cryptanalysis by using multiple MDS matrices. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3017, 260–278. https://doi.org/10.1007/978-3-540-25937-4_17
Mendeley helps you to discover research relevant for your work.