Paper 2021/1645

Sequential Indifferentiability of Confusion-Diffusion Networks

Qi Da, Shanjie Xu, and Chun Guo


A large proportion of modern symmetric cryptographic building blocks are designed using Substitution-Permutation Networks (SPNs), or more generally, Shannon's confusion-diffusion paradigm. To justify its theoretical soundness, Dodis et al. (EUROCRYPT 2016) recently introduced the theoretical model of confusion-diffusion networks, which may be viewed as keyless SPNs using random permutations as S-boxes and combinatorial primitives as permutation layers, and established provable security in the plain indifferentiability framework of Maurer, Renner, and Holenstein (TCC 2004). We extend this work and consider Non-Linear Confusion-Diffusion Networks (NLCDNs), i.e., networks using non-linear permutation layers, in weaker indifferentiability settings. As the main result, we prove that 3-round NLCDNs achieve the notion of sequential indifferentiability of Mandal et al. (TCC 2012). We also exhibit an attack against 2-round NLCDNs, which shows the tightness of our positive result on 3 rounds. The positive result implies correlation intractability of 3-round NLCDNs, a notion strongly related to known-key security of block ciphers and secure hash functions. Our results provide additional insights into the complexity of known-key security, as well as into using the confusion-diffusion paradigm for designing cryptographic hash functions.

Category
Secret-key cryptography
Publication info
Published elsewhere. Indocrypt 2021
Keywords
Block ciphers, substitution-permutation networks, confusion-diffusion, indifferentiability, correlation intractability
Contact author(s)
chun guo sc @ gmail com
2021-12-17: revised
2021-12-17: received
Creative Commons Attribution


@misc{cryptoeprint:2021/1645,
      author = {Qi Da and Shanjie Xu and Chun Guo},
      title = {Sequential Indifferentiability of Confusion-Diffusion Networks},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1645},
      year = {2021},
      note = {\url{}},
      url = {}
}