Paper 2022/1065

A Note on the Theoretical and Practical Security of Block Ciphers

Öznur MUT SAĞDIÇOĞLU, Institute of Applied Mathematics, Middle East Technical University, Turkey
Serhat Sağdıçoğlu, Havelsan A.Ş.
Ebru Küçükkubaş, Tübitak Bilgem Turkey
Abstract

Differential cryptanalysis is one of the most effective methods for evaluating the security level of block ciphers. For this, an attacker tries to find a differential or a characteristic with a high probability that distinguishes a block cipher from a random permutation to obtain the secret key. Although it is theoretically possible to compute the probability of a differential for a block cipher, there are two problems to compute it practically. The first problem is that it is computationally impossible to compute differential probability by trying all plaintext pairs. The second problem is that the probability of a differential over all choices of the plaintext and key might be different from the probability of the differential over all plaintexts for a fixed key. Thus, to evaluate the security against the differential cryptanalysis, one must assume both the hypothesis of stochastic equivalence and the Markov model. However, the hypothesis of stochastic equivalence does not hold in general. Indeed, we show on simple ciphers that the hypothesis of stochastic equivalence does not hold. Moreover, we observe that the differential probability is not equal to the expected differential probability. For these results, we study plateau characteristics for a 4-bit cipher and a 16-bit super box. As a result, when considering differential cryptanalysis, one must be careful about the gap between the theoretical and the practical security of block ciphers.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
Differential cryptanalysis Stochastic Equivalence Markov Ciphers Midori
Contact author(s)
oznurmut @ gmail com
History
2022-08-17: approved
2022-08-16: received
See all versions
Short URL
https://ia.cr/2022/1065
License
Creative Commons Attribution-NonCommercial-NoDerivs
CC BY-NC-ND

BibTeX

@misc{cryptoeprint:2022/1065,
      author = {Öznur MUT SAĞDIÇOĞLU and Serhat Sağdıçoğlu and Ebru Küçükkubaş},
      title = {A Note on the Theoretical and Practical Security of Block Ciphers},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/1065},
      year = {2022},
      url = {https://eprint.iacr.org/2022/1065}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.