Paper 2018/592

XS-circuits in Block Ciphers

Sergey Agievich, Belarusian State University
Abstract

XS-circuits describe block ciphers that utilize 2 operations: X) bitwise modulo 2 addition of binary words and S) substitution of words using key-dependent S-boxes with possibly complicated internal structure. We propose a model of XS-circuits which, despite its simplicity, covers a rather wide range of block ciphers. In our model, several instances of a simple round circuit, which contains only one S operation, are linked together and form a compound circuit called a cascade. S operations of a cascade are interpreted as independent round oracles. We deal with diffusion characteristics of cascades. These characteristics are related to the cryptographic strength of corresponding block ciphers. We obtain results on invertibility, transitivity and 2-transitivity of mappings induced by round circuits and their cascades. We provide estimates on the first and second activation times, where the i-th activation time is the minimum number of rounds which guarantees that at least i round oracles get different queries while processing two different inputs of the cascade. The activation times are related to differential cryptanalysis. We introduce the similarity and duality relations between round circuits. Cascades of related circuits have the same or dual diffusion characteristics. We find canonical representatives of classes of similar circuits and show that the duality between circuits is related to duality between differential and linear attacks against corresponding block ciphers. We discuss families of circuits with a growing number of inputs. Such families can be used to build wide-block ciphers.

Note: Add Appendix B (Contracting Feistel networks) and Appendix C (Similarity of dual circuits). Rename SMS4 to SM4. Fix CF2 of SkipjackA, SkipjackB and SM4 in A.2.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. Mat. Vopr. Kriptogr., 10:2 (2019), 7-30
DOI
10.4213/mvk281
Keywords
block cipher, round permutation, S-box, circuit, diffusion, transitivity, 2-transitivity
Contact author(s)
agievich @ bsu by
History
2024-02-12: last of 3 revisions
2018-06-12: received
Short URL
https://ia.cr/2018/592
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/592,
      author = {Sergey Agievich},
      title = {XS-circuits in Block Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2018/592},
      year = {2018},
      doi = {10.4213/mvk281},
      note = {\url{https://eprint.iacr.org/2018/592}},
      url = {https://eprint.iacr.org/2018/592}
}