On Perfect Linear Approximations and Differentials over Two-Round SPNs

Recent constructions of (tweakable) block ciphers with an embedded cryptographic backdoor relied on the existence of probability-one differentials or perfect (non-)linear approximations over a reduced-round version of the primitive. In this work, we study how the existence of probability-one differentials or perfect linear approximations over two rounds of a substitution-permutation network can be avoided by design. More precisely, we develop criteria on the s-box and the linear layer that guarantee the absence of probability-one differentials for all keys. We further present an algorithm that allows one to efficiently exclude the existence of keys for which there exists a perfect linear approximation.

| Author: | Patrick Felke, Christof Beierle, Gregor Leander, Patrick Neumann, Lukas Stennes |
|---|---|
| DOI: | https://doi.org/10.1007/978-3-031-38548-3_8 |
| ISBN: | 978-3-031-38548-3 |
| Parent Title (English): | Advances in Cryptology – CRYPTO 2023. 43rd Annual International Cryptology Conference (CRYPTO 2023), 20.08.-24.08.2023, Santa Barbara (CA, USA), Proceedings, Part III |
| Editor: | Helena Handschuh, Anna Lysyanskaya |
| Document Type: | Conference Proceeding |
| Language: | English |
| Year of Completion: | 2023 |
| Release Date: | 2025/02/24 |
| Tag: | Differentials; Linear Approximations; SPNs |
| Number of Pages: | 31 |
| First Page: | 209 |
| Last Page: | 239 |
| Institute: | Fachbereich Technik |
| Research Focus Area: | Industrial Informatics |
| Relevance of the publication: | Scientific publication |
