Funding: Supported by the National Natural Science Foundation of China (Grants 62132008, 62372213, 62202460, 62022036).
Abstract: The Generalized Feistel Structure (GFS) is one of the most widely used frameworks in symmetric cipher design. In FSE 2010, Suzaki and Minematsu strengthened the cryptanalysis security of GFS by searching for shuffles with the best diffusion property. In ASIACRYPT 2018, Shi et al. suggested a set of shuffles, which gives GFS better resistance against Demirci–Selcuk meet-in-the-middle cryptanalysis. Since these shuffles are different from the currently known good ones and also different from the shuffles used in TWINE and LBlock, our research focuses on a more comprehensive evaluation of GFS with different shuffles, including diffusion property of shuffle, differential, linear, impossible differential, zero-correlation linear, integral and Demirci–Selcuk meet-in-the-middle cryptanalysis, to find the best one. Such evaluations entail significant time consumption. Thus, we utilize Mixed Integral Linear Programming models and introduce an evaluate-and-filter strategy to achieve it efficiently. Our results verify that the shuffles discovered by Suzaki and Minematsu and those used in TWINE and LBlock are the best so far. We also find that the cryptanalysis resistances of GFS are not necessarily consistent. It is this finding that makes the necessity of our more comprehensive evaluation self-evident.
Abstract: The Type-2 generalized Feistel structure is widely used in block cipher design. This work conducts a quantum key recovery attack on TWINE-80, a lightweight block cipher based on the improved Type-2 generalized Feistel structure. By constructing a round function, a new 7-round quantum distinguisher for TWINE-80 is identified. Leveraging the reuse characteristics of round keys in the algorithm, three pairs of repeated round keys are discovered during the 5-round transformation process. Using Grover’s algorithm to search for partial round keys, a 17-round quantum key recovery attack on TWINE-80 is successfully implemented, with a time complexity of 296 and requiring 327 qubits. Compared to similar studies, this work reduces the time complexity by 26 and slightly decreases the required quantum resources by 12 qubits.
Funding: Supported by the National Natural Science Foundation of China under Grant No. 10871106.
Abstract: For a class of generalized Feistel block ciphers, an explicit formula for the minimum numbers of linearly active S-boxes of any round r is presented.