Weak Linear Layers in Word-Oriented Partial SPN and HADES-Like Schemes

Lorenzo Grassi*, Christian Rechberger, Markus Schofnegger

*Corresponding author for this work

Research output: Working paper

Abstract

Designing cryptographic permutations and ciphers using a substitution-permutation network (SPN) approach where the nonlinear part does not cover the full state has recently gained attention due to favourable implementation characteristics in various scenarios.

For word-oriented partial SPN schemes with a fixed linear layer, our goal is to better understand linear layer construction. In this paper we derive conditions which allow one either to mount or to prevent attacks based on infinitely long truncated differentials with probability 1. Our analysis is rather broad compared to earlier independent work on this problem, since we consider (1) both invariant and non-invariant trails, and (2) trails with and without active S-boxes.

For these cases, we are able to provide rigorous sufficient and necessary conditions preventing the analyzed attacks. On the practical side, we present a tool which is able to determine whether a given linear layer is vulnerable based on these results.

Besides P-SPN schemes, our observations may also have a crucial impact on the recent HADES design strategy, which mixes rounds with full S-box layers and rounds with partial S-box layers.
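
The simplest of the situations described in the abstract is an invariant trail with no active S-boxes: a nonzero difference that is zero on every S-box word and stays zero there after each application of the fixed linear layer M, so it propagates with probability 1 for any number of rounds. The following Python is an added worked example, not the paper's own tool or conditions: it computes, over GF(p), the largest M-invariant subspace contained in the "S-box words are zero" subspace by a rank argument (only the powers M^0 .. M^(t-1) need checking, by Cayley-Hamilton), and reports the layer as weak when that subspace is nontrivial. The prime, the S-box positions and both matrices are constructed toy inputs; non-invariant trails and trails with active S-boxes, which the paper also treats, are out of scope here.

```python
# Added example (not from the paper): detect a P-SPN linear layer M over GF(p)
# that admits a nonzero subspace of differences never touching the S-box words,
# i.e. an infinitely long probability-1 truncated differential with no active
# S-box.  All inputs below are constructed toy values.

def rref_mod_p(rows, p):
    """Reduced row echelon form over GF(p); returns (rref_rows, pivot_columns)."""
    A = [[x % p for x in r] for r in rows]
    if not A:
        return A, []
    ncols, pivots, r = len(A[0]), [], 0
    for c in range(ncols):
        piv = next((i for i in range(r, len(A)) if A[i][c]), None)
        if piv is None:
            continue
        A[r], A[piv] = A[piv], A[r]
        inv = pow(A[r][c], -1, p)            # p prime, so every nonzero entry is invertible
        A[r] = [(x * inv) % p for x in A[r]]
        for i in range(len(A)):
            if i != r and A[i][c]:
                f = A[i][c]
                A[i] = [(a - f * b) % p for a, b in zip(A[i], A[r])]
        pivots.append(c)
        r += 1
        if r == len(A):
            break
    return A, pivots

def nullspace_mod_p(rows, ncols, p):
    """Basis of {x : rows * x = 0} over GF(p), one vector per free column."""
    R, pivots = rref_mod_p(rows, p)
    basis = []
    for f in (c for c in range(ncols) if c not in pivots):
        v = [0] * ncols
        v[f] = 1
        for i, c in enumerate(pivots):
            v[c] = (-R[i][f]) % p
        basis.append(v)
    return basis

def mat_mul(A, B, p):
    return [[sum(A[i][k] * B[k][j] for k in range(len(B))) % p
             for j in range(len(B[0]))] for i in range(len(A))]

def mat_vec(A, x, p):
    return [sum(A[i][k] * x[k] for k in range(len(x))) % p for i in range(len(A))]

def sbox_free_subspace(M, sbox_positions, p):
    """Largest M-invariant subspace whose vectors are zero on every S-box word.

    V = intersection over k >= 0 of {x : (M^k x)_i = 0 for all i in S}.
    Row i of M^k is the linear functional x -> (M^k x)_i, so V is the nullspace
    of the stacked S-box rows of M^0 .. M^(t-1), t = state size in words.
    A nonempty basis means every difference in V is mapped by M to another
    difference in V and no S-box is ever active along the way.
    """
    t = len(M)
    constraints = []
    Mk = [[int(i == j) for j in range(t)] for i in range(t)]   # M^0 = identity
    for _ in range(t):
        for i in sbox_positions:
            constraints.append(Mk[i])
        Mk = mat_mul(Mk, M, p)
    return nullspace_mod_p(constraints, t, p)

def is_weak_linear_layer(M, sbox_positions, p):
    """True if the layer admits a probability-1, S-box-free invariant trail."""
    return len(sbox_free_subspace(M, sbox_positions, p)) > 0

def check_trail(M, sbox_positions, p, x, rounds):
    """Push difference x through `rounds` linear layers and report whether an
    S-box word ever becomes nonzero (independent sanity check of the algebra)."""
    for _ in range(rounds):
        if any(x[i] for i in sbox_positions):
            return False
        x = mat_vec(M, x, p)
    return True

# Constructed toy instance: 3-word state over GF(17), S-box only on word 0.
P = 17
SBOX_WORDS = [0]
WEAK_M = [[1, 0, 0], [0, 1, 1], [0, 1, 2]]     # word 0 never mixes with words 1, 2
STRONG_M = [[2, 3, 1], [1, 2, 3], [3, 1, 2]]   # circulant, invertible mod 17

if __name__ == "__main__":
    for name, M in (("weak", WEAK_M), ("strong", STRONG_M)):
        V = sbox_free_subspace(M, SBOX_WORDS, P)
        print(f"{name}: dim V = {len(V)}, basis = {V}")
```

For `WEAK_M` the subspace spanned by the two non-S-box words is invariant and the check reports dimension 2; for the circulant `STRONG_M` the stacked constraint rows have full rank, the subspace is trivial, and any difference entering word 0 activates the S-box within one round. A real audit would run the same rank computation on the actual t x t matrix and S-box positions of the scheme under review.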

Original language: English
Number of pages: 24
Publication status: Published - 2 Jul 2020

Publication series

Name: Cryptology ePrint Archive: Report
Volume: 2020/500
