Known‐key distinguishers on 15‐round 4‐branch type‐2 generalised Feistel networks with single substitution–permutation functions and near‐collision attacks on its hashing modes

Generalised Feistel network (GFN) is a popular design for block ciphers and hash functions. The round function of the network often chooses a substitution–permutation (SP) transformation (consists of a subkey XOR, an S‐boxes layer and a linear layer). In 2011, Bogdanov and Shibutani provided another choice to build round functions, namely the double SP‐functions, which has two SP‐layers in series. They showed that a 4‐branch type‐2 GFN with double SP‐functions was stronger than the one with single SP‐function in terms of the number of active S‐boxes in a differential or linear cryptanalysis, but some subsequent results showed that the double SP‐function is the weaker one in some known‐key scenarios and hashing modes. In this study, the authors present a new result of the 4‐branch type‐2 GFN, whose round function is a single SP‐function. They show some 15‐round truncated differential distinguishers for this network with four usual parameters by utilising some rebound attack techniques. Based on these distinguishers, they construct some 15‐round near‐collision attacks on the Matyas–Meyer–Oseas and Miyaguchi–Preneel compression function modes in which the 4‐branch type‐2 GFN with the single SP‐function is used.