Paper 2011/685

Cryptanalysis of Symmetric Block Ciphers Based on the Feistel Network with Non-bijective S-boxes in the Round Function

Roman Oliynykov

Abstract

We consider ciphertext-only attack on symmetric block ciphers based on the Feistel network with secret S-boxes installed as an additional parameter, like in Soviet GOST 28147-89. In case when S-boxes are generated by authorized agency and cannot be verified by end-user of the cipher (e.g., in case of special equipment for encryption), application of non-bijective S-boxes allows significantly decrease deciphering complexity for authorized agency preserving high-level strength for other cryptanalysts.We show that it is necessary to have non-bijective S-boxes which outputs form non-trivial subgroup and give an example for deciphering complexity with known and secret non-bijective S-boxes for GOST.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
block ciphersFeistel networkciphertext-only attack
Contact author(s)
ROliynykov @ gmail com
History
2011-12-23: received
Short URL
https://ia.cr/2011/685
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/685,
      author = {Roman Oliynykov},
      title = {Cryptanalysis of Symmetric Block Ciphers Based on the Feistel Network with Non-bijective S-boxes in the Round Function},
      howpublished = {Cryptology ePrint Archive, Paper 2011/685},
      year = {2011},
      note = {\url{https://eprint.iacr.org/2011/685}},
      url = {https://eprint.iacr.org/2011/685}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.