Open AccessDivision cryptanalysis of block ciphers with a binary diffusion layer
Author(s) -
Zhang Wenying,
Rijmen Vincent
Publication year - 2019
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/iet-ifs.2018.5151
Subject(s) - division (mathematics) , linear cryptanalysis , block cipher , mathematics , cryptanalysis , higher order differential cryptanalysis , division algorithm , binary number , property (philosophy) , s box , transformation (genetics) , cryptography , computer science , arithmetic , discrete mathematics , algorithm , philosophy , biochemistry , chemistry , epistemology , gene
In this study, the authors propose an accurate approach to model the propagation of the division property of linear layers by the smallest amount of inequalities. The solutions of the inequalities are exactly the division trails of a linear transformation. Therefore, the description is compact and optimal. As applications of their results, they present a 7‐round integral distinguisher for both Midori64 and Midori128. The designers of Midori only obtained a 3.5‐round integral characteristic. For Skinny64, they find a 10‐round integral distinguisher which was previously found by the designers. It is well to remind that their result proves that 7 rounds and 10 rounds are the upper bounds of Midori and Skinny64 correspondingly when searching for integral distinguishers based on division property. The significance of their result lies in that they shed light on how far division cryptanalysis can influence the security analysis of block ciphers with a binary diffusion layer, and their technique can be used to prove security against division cryptanalysis.