Cryptology ePrint Archive: Report 2019/537

Efficient Search for Optimal Diffusion Layers of Generalized Feistel Networks

Patrick Derbez and Pierre-Alain Fouque and Baptiste Lambin and Victor Mollimard

Abstract: The Feistel construction is one of the most studied ways of building block ciphers. Several generalizations were then proposed in the literature, leading to the Generalized Feistel Network, where the round function first applies a classical Feistel operation in parallel on an even number of blocks, and then a permutation is applied to this set of blocks. In 2010 at FSE, Suzaki and Minematsu studied the diffusion of such construction, raising the question of how many rounds are required so that each block of the ciphertext depends on all blocks of the plaintext. They thus gave some optimal permutations, with respect to this diffusion criteria, for a Generalized Feistel Network consisting of 2 to 16 blocks, as well as giving a good candidate for 32 blocks. Later at FSE'19, Cauchois et al. went further and were able to propose optimal even-odd permutations for up to 26 blocks.

In this paper, we complete the literature by building optimal even-odd permutations for 28, 30, 32, 36 blocks which to the best of our knowledge were unknown until now. The main idea behind our constructions and impossibility proof is a new characterization of the total diffusion of a permutation after a given number of rounds. In fact, we propose an efficient algorithm based on this new characterization which constructs all optimal even-odd permutations for the 28, 30, 32, 36 blocks cases and proves a better lower bound for the 34, 38, 40 and 42 blocks cases. In particular, we improve the 32 blocks case by exhibiting optimal even-odd permutations with diffusion round of 9. The existence of such a permutation was an open problem for almost 10 years and the best known permutation in the literature had a diffusion round of 10. Moreover, our characterization can be implemented very efficiently and allows us to easily re-find all optimal even-odd permutations for up to 26 blocks with a basic exhaustive search.

Category / Keywords: Diffusion Round, Feistel, Permutations

Original Publication (in the same form): IACR-TOSC ISSUE 2-2019

Date: received 21 May 2019, last revised 23 May 2019

Contact author: baptiste lambin at irisa fr

Available format(s): PDF | BibTeX Citation

Note: Revision 23/05/2019 : Removed duplicate bibliography entry

Version: 20190523:125913 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]