Abstract
In this paper we generalize the structure of the ciphers Shark, Square, BKSQ, Crypton and Rijndael. We show that the linear components play an essential role in the effect of the nonlinear S-boxes in providing resistance against differential and linear cryptanalysis and provide upper bounds for the probability of differential characteristics and the correlation of linear approximations for the general structure. We show how good linear components can be constructed efficiently from Maximum-Distance Separable codes. The presented block cipher structure can make optimal use of a wide range of processor word lengths and its parallelism allows very fast dedicated hardware implementations. Ciphers with variable block length can be constructed by varying certain parameters in the presented structure.
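The abstract's central claim is that the linear layer determines how many S-boxes a differential characteristic must activate, and that MDS codes yield linear layers with the largest possible branch number. The following Python script is an added example, not code from the paper or from any of the ciphers it names: it certifies the MDS property of the Rijndael MixColumns matrix over GF(2^8) by checking that every square submatrix is nonsingular, contrasts it with a constructed weak upper-triangular matrix, searches low-weight input differences for the minimum number of active S-boxes over two rounds, and turns that number into the bound on two-round characteristic probability. The per-S-box maximum differential probability of 2^-6 is assumed as an input parameter (it is the value for the GF(2^8) inversion mapping used by Rijndael).

```python
"""Differential branch number of a GF(2^8) diffusion matrix and the bound
it gives on two-round differential characteristics (added example)."""
from itertools import combinations, product

POLY = 0x11B  # Rijndael's field polynomial x^8 + x^4 + x^3 + x + 1

# Rijndael MixColumns matrix (from the Rijndael specification).
MIXCOLUMNS = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
# Constructed weak diffusion matrix: invertible, but not MDS.
WEAK = [[1, 1, 0, 0], [0, 1, 1, 0], [0, 0, 1, 1], [0, 0, 0, 1]]


def gf_mul(a, b):
    """Multiply two bytes as elements of GF(2^8) modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r


def gf_inv(a):
    """Multiplicative inverse as a^(2^8 - 2), by square-and-multiply."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result


def gf_det(m):
    """Determinant over GF(2^8) by Gaussian elimination. Row swaps do not
    change the sign because -1 == 1 in characteristic 2."""
    m = [row[:] for row in m]
    n = len(m)
    det = 1
    for c in range(n):
        pivot = next((r for r in range(c, n) if m[r][c]), None)
        if pivot is None:
            return 0
        m[c], m[pivot] = m[pivot], m[c]
        det = gf_mul(det, m[c][c])
        inv = gf_inv(m[c][c])
        for r in range(c + 1, n):
            if m[r][c]:
                f = gf_mul(m[r][c], inv)
                m[r] = [x ^ gf_mul(f, y) for x, y in zip(m[r], m[c])]
    return det


def is_mds(m):
    """A square matrix is MDS iff every square submatrix is nonsingular.
    An n x n MDS matrix generates a [2n, n, n+1] code, so its differential
    branch number is n + 1, the largest value possible."""
    n = len(m)
    for k in range(1, n + 1):
        for rows in combinations(range(n), k):
            for cols in combinations(range(n), k):
                if gf_det([[m[r][c] for c in cols] for r in rows]) == 0:
                    return False
    return True


def min_active_sboxes(m, max_input_weight=2):
    """Minimum of wt(x) + wt(M x) over nonzero input differences x with at
    most max_input_weight nonzero bytes. This is an upper bound on the
    differential branch number; it is exact when it returns 2 (the minimum
    for any invertible matrix) or when is_mds() certifies n + 1."""
    n = len(m)
    # Per-entry multiplication tables so the inner loop is pure lookups.
    tables = [[[gf_mul(c, b) for b in range(256)] for c in row] for row in m]
    best = 2 * n
    for k in range(1, max_input_weight + 1):
        for positions in combinations(range(n), k):
            for values in product(range(1, 256), repeat=k):
                out_weight = 0
                for row in tables:
                    acc = 0
                    for p, v in zip(positions, values):
                        acc ^= row[p][v]
                    if acc:
                        out_weight += 1
                best = min(best, k + out_weight)
    return best


def two_round_characteristic_bound(active_sboxes, max_sbox_diff_prob):
    """Any two-round characteristic has at least `active_sboxes` active
    S-boxes, each holding with probability at most max_sbox_diff_prob."""
    return max_sbox_diff_prob ** active_sboxes


if __name__ == "__main__":
    for name, m in (("Rijndael MixColumns", MIXCOLUMNS), ("weak (constructed)", WEAK)):
        active = min_active_sboxes(m, 2)
        bound = two_round_characteristic_bound(active, 2 ** -6)
        print(f"{name}: MDS={is_mds(m)}, min active S-boxes over two rounds={active}, "
              f"two-round characteristic probability <= {bound:.3g}")
```

The same check applied to the transpose of M gives the linear branch number, which governs the correlation bound for linear approximations; an MDS matrix's transpose is again MDS, so both bounds coincide for the Rijndael matrix.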
Daemen, J., Knudsen, L.R. & Rijmen, V. Linear Frameworks for Block Ciphers. Designs, Codes and Cryptography 22, 65–87 (2001). https://doi.org/10.1023/A:1008303310011
DOI: https://doi.org/10.1023/A:1008303310011