On Perfect Linear Approximations and Differentials over Two-Round SPNs [Revision in ePrint Archive]
- Recent constructions of (tweakable) block ciphers with an embedded cryptographic backdoor relied on the existence of probability-one differentials or perfect (non-)linear approximations over a reduced-round version of the primitive. In this work, we study how the existence of probability-one differentials or perfect linear approximations over two rounds of a substitution-permutation network can be avoided by design. More precisely, we develop criteria on the s-box and the linear layer that guarantee the absence of probability-one differentials for all keys. We further present an algorithm that allows to efficiently exclude the existence of keys for which there exists a perfect linear approximation.
| Author: | Patrick FelkeORCiD, Christof Beierle, Gregor Leander, Patrick Neumann, Lukas Stennes |
|---|---|
| Document Type: | Conference Proceeding |
| Language: | English |
| Year of Completion: | 2023 |
| Release Date: | 2025/02/24 |
| Tag: | boomerang connectivity table; decomposition; differential cryptanalysis; linear cryptanalysis; weak keys |
| Pagenumber: | 39 |
| Note: | Verfügbar unter https://ia.cr/2023/725 |
| Institute: | Fachbereich Technik |
| Research Focus Area: | Industrielle Informatik |