International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

On Perfect Linear Approximations and Differentials over Two-Round SPNs

Authors:
Christof Beierle , Ruhr-Universität Bochum
Patrick Felke , University of Applied Sciences Emden/Leer
Patrick Neumann , Ruhr-Universität Bochum
Gregor Leander , Ruhr-Universität Bochum
Lukas Stennes , Ruhr-Universität Bochum
Download:
DOI: 10.1007/978-3-031-38548-3_8 (login may be required)
Search ePrint
Search Google
Presentation: Slides
Conference: CRYPTO 2023
Abstract: Recent constructions of (tweakable) block ciphers with an embedded cryptographic backdoor relied on the existence of probability-one differentials or perfect (non-)linear approximations over a reduced-round version of the primitive. In this work, we study how the existence of probability-one differentials or perfect linear approximations over two rounds of a substitution permutation network can be avoided by design. More precisely, we develop criteria on the s-box and the linear layer that guarantee the absence of probability-one differentials for all keys. We further present an algorithm that allows to efficiently exclude the existence of keys for which there exists a perfect linear approximation.
BibTeX
@inproceedings{crypto-2023-33134,
  title={On Perfect Linear Approximations and Differentials over Two-Round SPNs},
  publisher={Springer-Verlag},
  doi={10.1007/978-3-031-38548-3_8},
  author={Christof Beierle and Patrick Felke and Patrick Neumann and Gregor Leander and Lukas Stennes},
  year=2023
}