Paper 2016/392

Towards a Further Understanding of Bit-Based Division Property

Ling Sun and Meiqin Wang

Abstract

At EUROCRYPT 2015, Todo proposed the division property. Since then, many researches about the division property had occurred in succession. Inspired by the bit-based division property on SIMON introduced by Todo and Morri at FSE 2016, we give a further understanding of bit-based division property and come up with a new method to reconsider the \textbf{Substitution} rule given by Todo. By integrating the method of division property with the concrete boolean function expressions of S-box, this new idea can help us trace the propagation of division property at the bit level and escape the tedious and direct application of the original propagation rules. Benefit from this fact, this method can be applied to find integral distinguishers for some bit-oriented block ciphers other than SIMON. Since this method replaces the \textbf{Substitution} rules with a subtle propagation table, we call it table-aided bit-based division property. In order to verify our new method, we apply it to find integral distinguishers for CipherFour. The experimental results indicate that the table-aided bit-based division property is indeed a valid and efficient tool to search for integral distinguishers for some bit-oriented block ciphers. To handle the huge memory complexity of utilizing this new method, we apply early reduce technique, which was proposed by Zhang and Wu at INDOCRYPT 2015. With the help early reduce technique, a 8-round higher-order integral distinguisher for RECTANGLE can be constructed, which attains one more round than the previous one proposed by the designers. For PRESENT, we can find new 5-round and 6-round integral distinguishers. As to SPONGENT-88, a new 14-round zero-sum distinguisher with data complexity $2^{80}$ can be found by combining our new method with previous techniques. The table-aided bit-based division property can also be applied to find integral distinguishers for some word-oriented block ciphers, like TWINE and LBlock. Although we do not find any new integral distinguishers for these two ciphers, we believe that considering the S-box at the bit level is of great importance even for a word-oriented block cipher.

Metadata
Available format(s)
-- withdrawn --
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Integral cryptanalysisTable-aided bit-based division propertyEarly reduceRECTANGLEPRESENTSPONGENTTWINELBlock
Contact author(s)
mqwang @ sdu edu cn
History
2016-04-27: withdrawn
2016-04-19: received
See all versions
Short URL
https://ia.cr/2016/392
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.