
Analysis of the resistance of block ciphers to linear and differential attacks

Abstract: In this work, we refine the classical criteria for the resistance of substitution-permutation networks (SPNs) against differential and linear cryptanalysis. We provide a new upper bound on the two-round maximum expected differential probability (MEDP2) and maximum expected linear potential (MELP2) when the diffusion layer is linear over the finite field defined by the Sbox alphabet. This bound depends only on the Sbox and on the branch number of the linear layer. We also provide a lower bound on these quantities and show that, under a certain condition, it is optimal in the sense that there exists a diffusion layer for which the bound is tight. Moreover, we introduce a particular class of Sboxes for which the bounds are easier to compute. If S and its inverse both belong to this class, then the lower bound is tight for any MDS linear layer. Furthermore, we prove that the inversion in the field with 2^m elements is the mapping in its equivalence class with the highest MEDP2 and MELP2, independently of the choice of the linear diffusion layer. This situation originates mainly from the fact that it is an involution. We also focus on the differentials that reach the MEDP2. Although it appears to be the case for most known examples, there is a priori no reason to believe that these differentials correspond to a differential with the lowest number of active Sboxes. We detail some situations in which we prove that the MEDP2 is achieved by a differential with the smallest number of active Sboxes, for instance when the Sbox is carefully chosen. However, this phenomenon is not general: we exhibit the first examples of SPNs in which the MEDP2 is achieved by a differential whose number of active Sboxes exceeds the branch number.

Cited literature: 61 references
Contributor: ABES STAR
Submitted on: Friday, April 29, 2016 - 10:22:10 AM
Last modification on: Wednesday, June 8, 2022 - 12:50:05 PM


Version validated by the jury (STAR)


HAL Id: tel-01245102, version 2


Joëlle Roué. Analyse de la résistance des chiffrements par blocs aux attaques linéaires et différentielles. Cryptography and Security [cs.CR]. Université Pierre et Marie Curie - Paris VI, 2015. French. ⟨NNT : 2015PA066512⟩. ⟨tel-01245102v2⟩


