Efficient Search for Optimal Diffusion Layers of Generalized Feistel Networks
The Feistel construction is one of the most studied ways of building block ciphers. Several generalizations were then proposed in the literature, leading to the Generalized Feistel Network, where the round function first applies a classical Feistel operation in parallel on an even number of blocks,...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Ruhr-Universität Bochum
2019-06-01
|
| Series: | IACR Transactions on Symmetric Cryptology |
| Subjects: | |
| Online Access: | https://tosc.iacr.org/index.php/ToSC/article/view/8321 |
| id |
doaj-dfd77bdea9e848dea9c8f505718f1f54 |
|---|---|
| record_format |
Article |
| spelling |
doaj-dfd77bdea9e848dea9c8f505718f1f542021-03-02T06:17:28ZengRuhr-Universität BochumIACR Transactions on Symmetric Cryptology2519-173X2019-06-012019210.13154/tosc.v2019.i2.218-240Efficient Search for Optimal Diffusion Layers of Generalized Feistel NetworksPatrick Derbez0Pierre-Alain Fouque1Baptiste Lambin2Victor Mollimard3Université de Rennes 1, CNRS, IRISA, Rennes, FranceUniversité de Rennes 1, CNRS, IRISA, Rennes, FranceUniversité de Rennes 1, CNRS, IRISA, Rennes, FranceUniversité de Rennes 1, CNRS, IRISA, Rennes, France The Feistel construction is one of the most studied ways of building block ciphers. Several generalizations were then proposed in the literature, leading to the Generalized Feistel Network, where the round function first applies a classical Feistel operation in parallel on an even number of blocks, and then a permutation is applied to this set of blocks. In 2010 at FSE, Suzaki and Minematsu studied the diffusion of such construction, raising the question of how many rounds are required so that each block of the ciphertext depends on all blocks of the plaintext. They thus gave some optimal permutations, with respect to this diffusion criteria, for a Generalized Feistel Network consisting of 2 to 16 blocks, as well as giving a good candidate for 32 blocks. Later at FSE’19, Cauchois et al. went further and were able to propose optimal even-odd permutations for up to 26 blocks. In this paper, we complete the literature by building optimal even-odd permutations for 28, 30, 32, 36 blocks which to the best of our knowledge were unknown until now. The main idea behind our constructions and impossibility proof is a new characterization of the total diffusion of a permutation after a given number of rounds. In fact, we propose an efficient algorithm based on this new characterization which constructs all optimal even-odd permutations for the 28, 30, 32, 36 blocks cases and proves a better lower bound for the 34, 38, 40 and 42 blocks cases. In particular, we improve the 32 blocks case by exhibiting optimal even-odd permutations with diffusion round of 9. The existence of such a permutation was an open problem for almost 10 years and the best known permutation in the literature had a diffusion round of 10. Moreover, our characterization can be implemented very efficiently and allows us to easily re-find all optimal even-odd permutations for up to 26 blocks with a basic exhaustive search https://tosc.iacr.org/index.php/ToSC/article/view/8321Diffusion roundFeistelPermutations |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Patrick Derbez Pierre-Alain Fouque Baptiste Lambin Victor Mollimard |
| spellingShingle |
Patrick Derbez Pierre-Alain Fouque Baptiste Lambin Victor Mollimard Efficient Search for Optimal Diffusion Layers of Generalized Feistel Networks IACR Transactions on Symmetric Cryptology Diffusion round Feistel Permutations |
| author_facet |
Patrick Derbez Pierre-Alain Fouque Baptiste Lambin Victor Mollimard |
| author_sort |
Patrick Derbez |
| title |
Efficient Search for Optimal Diffusion Layers of Generalized Feistel Networks |
| title_short |
Efficient Search for Optimal Diffusion Layers of Generalized Feistel Networks |
| title_full |
Efficient Search for Optimal Diffusion Layers of Generalized Feistel Networks |
| title_fullStr |
Efficient Search for Optimal Diffusion Layers of Generalized Feistel Networks |
| title_full_unstemmed |
Efficient Search for Optimal Diffusion Layers of Generalized Feistel Networks |
| title_sort |
efficient search for optimal diffusion layers of generalized feistel networks |
| publisher |
Ruhr-Universität Bochum |
| series |
IACR Transactions on Symmetric Cryptology |
| issn |
2519-173X |
| publishDate |
2019-06-01 |
| description |
The Feistel construction is one of the most studied ways of building block ciphers. Several generalizations were then proposed in the literature, leading to the Generalized Feistel Network, where the round function first applies a classical Feistel operation in parallel on an even number of blocks, and then a permutation is applied to this set of blocks. In 2010 at FSE, Suzaki and Minematsu studied the diffusion of such construction, raising the question of how many rounds are required so that each block of the ciphertext depends on all blocks of the plaintext. They thus gave some optimal permutations, with respect to this diffusion criteria, for a Generalized Feistel Network consisting of 2 to 16 blocks, as well as giving a good candidate for 32 blocks. Later at FSE’19, Cauchois et al. went further and were able to propose optimal even-odd permutations for up to 26 blocks.
In this paper, we complete the literature by building optimal even-odd permutations for 28, 30, 32, 36 blocks which to the best of our knowledge were unknown until now. The main idea behind our constructions and impossibility proof is a new characterization of the total diffusion of a permutation after a given number of rounds. In fact, we propose an efficient algorithm based on this new characterization which constructs all optimal even-odd permutations for the 28, 30, 32, 36 blocks cases and proves a better lower bound for the 34, 38, 40 and 42 blocks cases. In particular, we improve the 32 blocks case by exhibiting optimal even-odd permutations with diffusion round of 9. The existence of such a permutation was an open problem for almost 10 years and the best known permutation in the literature had a diffusion round of 10. Moreover, our characterization can be implemented very efficiently and allows us to easily re-find all optimal even-odd permutations for up to 26 blocks with a basic exhaustive search
|
| topic |
Diffusion round Feistel Permutations |
| url |
https://tosc.iacr.org/index.php/ToSC/article/view/8321 |
| work_keys_str_mv |
AT patrickderbez efficientsearchforoptimaldiffusionlayersofgeneralizedfeistelnetworks AT pierrealainfouque efficientsearchforoptimaldiffusionlayersofgeneralizedfeistelnetworks AT baptistelambin efficientsearchforoptimaldiffusionlayersofgeneralizedfeistelnetworks AT victormollimard efficientsearchforoptimaldiffusionlayersofgeneralizedfeistelnetworks |
| _version_ |
1724242160427991040 |