\quad In this paper, we study distinguishing attacks on GUFN-$n$. We find an $n^2$-round integral distinguisher and show that it can be simply extended to an $(n^2+n-2)$-round higher-order integral distinguisher. Moreover, we point out that the $n^2$-round integral distinguisher corresponds to an $n^2$-round truncated differential with probability 1, based on which an impossible differential with up to $(n^2+n-2)$-round can be constructed. At last, we describe a variant structure of GUFN-$n$, denoted as GUFN$^*$-$n$, where the round function is $F(x\oplus K)$. For this variant structure, we present a new kind of $n^2$-round non-surjective distinguisher and use it to attack GUFN$^*$-$n$ with very low data complexity.
Category / Keywords: secret-key cryptography / Generalized Unbalanced Feistel Network, Integral, Impossible Differential, Non-surjective Distinguisher Publication Info: A full version of this paper under the title "Cryptanalysis of a Generalized Unbalanced Feistel Network Structure" will appear in the proceedings of ACISP 2010. Date: received 20 Jul 2009, last revised 5 Oct 2010 Contact author: securitylrl at gmail com Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation Version: 20101005:152132 (All versions of this report) Discussion forum: Show discussion | Start new discussion