Analysis of probabilities of differentials for block cipher “Kalyna” (DSTU 7624:2014)
Journal Title: Восточно-Европейский журнал передовых технологий - Year 2018, Vol 4, Issue 9
Abstract
<p class="a"><span lang="EN-US">The adaptation and application of the method for estimating the upper bound of the probability of tworound differentials for the block symmetric cipher Kalyna is carried out. This cipher was adopted as the Ukrainian standard DSTU 7624: 2014 in 2015. Known methods allow getting only the approximate value of this parameter for this cipher or cannot be applied explicitly through the structural features of this cipher. Using the approximate probability of tworound differentials gives an even greater error in the evaluation of the probabilities of differentials with a large number of rounds, as well as in assessing the resistance of the encryption algorithm to other types of differential attacks.</span></p><p class="a"><span lang="EN-US">The main stages of the used method are the following: definition of the minimum number of active Sboxes; definition of the type of differential characteristic having the maximum probability; determination of the number and probabilities of additional differential characteristics.</span></p><p class="a"><span lang="EN-US">In the course of research, an adapted method has allowed clarifying the upper bound of the probability of 2round differentials for the cipher Kalyna significantly. This bound is ≈2–47.3 instead of 2–40 when using the method for nested SPN ciphers.</span></p><p class="a"><span lang="EN-US">The elaborated upper bound of the probability of 2round differentials allowed clarifying also the bound value of the probability of 4round differentials. For Kalyna128 (block size 128 bits), the value is specified 214.6 times, for Kalyna256 – 229.2 times, Kalyna512 – 258.4 times.</span></p><p class="a"><span lang="EN-US">The main advantage of the method adapted for the Kalyna cipher was the possibility of a significant specification of the upper bound of the probability of a 2round differential. The disadvantage of the adapted method is that assumptions are made, such as, for example, the use of one substitution instead of four in the original algorithm. The result of this assumption is that a real bound of the probability of 2round differentials could be even smaller.</span></p>
Authors and Affiliations
Victor Ruzhentsev, Valerii Sokurenko, Yuriy Ulyanchenko
Keywords
Related Articles
- EP ID EP528107
- DOI 10.15587/1729-4061.2018.139682
- Views 64
- Downloads 0
Study of the influence of a fastchanging temperature on metrological characteristics of the tensoresistive pressure sensor
<p>Based on dependences that describe the nonstationary temperature fields in the membrane and casing of the tensoresistive pressure sensor, we derived equations for thermomechanical processes in these elements, specific...
“Smart” anticorrosion pigment based on layered double hydroxide: construction and characterization
<p>Paint coatings are widely used for decorative purposes and to prevent corrosion of metal surfaces. However, regular paint coating only provides passive protection of the metal. To create an active type of corrosion pr...
Development of the information system for forecasting collision between birds and wind farms
<p>The information system for processing the results of observations of birds on the territory of a wind farm was created. The information system ensures the storage and processing of the monitoring results, conducting s...
Mechanoactivation of Portland cement in the technology of manufacturing the selfcompacting concrete
<p>This paper examines the intensive separation technology for producing a self-compacting concrete (SCC). We substantiate the proposed technology of SCC production through the effective control over viscosity of cement-...
Application of kohonen neural networks to search for regions of interest in the detection and recognition of objects
<p>One of the most effective ways to improve accuracy and speed of recognition algorithms is to preliminary distinguish the regions of interest in the analyzed images. We studied a possibility of application of self-orga...