[Resource Topic] 2015/426: Complementing Feistel Ciphers

Welcome to the resource topic for 2015/426

Complementing Feistel Ciphers

Authors: Alex Biryukov, Ivica Nikolic


In this paper, we propose related-key differential distinguishers based on the complementation property of Feistel ciphers. We show that with relaxed requirements on the complementation, i.e. the property does not have to hold for all keys and the complementation does not have to be on all bits, one can obtain a variety of distinguishers. We formulate criteria sufficient for attacks based on the complementation property. To stress the importance of our findings we provide analysis of the \textit{full-round} primitives: * For the hash mode of \camo without FL,FL^{-1} layers, differential multicollisions with 2^{112} time * For GOST, practical recovery of the full key with 31 related keys and 2^{38} time/data

ePrint: https://eprint.iacr.org/2015/426

Talk: https://www.youtube.com/watch?v=pmvWqnGi3kk

Slides: https://iacr.org/cryptodb/archive/2013/FSE/presentation/25060.pdf

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .