Division Property: Efficient Method to Estimate Upper Bound of Algebraic Degree

  • Conference paper
Paradigms in Cryptology – Mycrypt 2016. Malicious and Exploratory Cryptology (Mycrypt 2016)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10311)

Abstract

We proposed the division property, a new method to find integral characteristics, at EUROCRYPT 2015, and then applied it to analyze the full MISTY1 at CRYPTO 2015. Since those two papers, many follow-up results have appeared at major conferences. In this paper, we first expound integral and higher-order differential cryptanalysis in detail and focus on their similarities and differences. We conclude that the two cryptanalyses are the same in practice. Nevertheless, they use different methods to find characteristics: integral cryptanalysis evaluates the propagation characteristic of integral properties, whereas higher-order differential cryptanalysis evaluates the upper bound of the algebraic degree. Our first observation is that each of the two methods has its own advantages and disadvantages. Moreover, some experimentally observed characteristics cannot be proven by either method. These observations were the main motivation for developing the division property. We next expound some important follow-up results, e.g., the bit-based division property at FSE 2016, the parity set at CRYPTO 2016, and the MILP-based propagation search at ASIACRYPT 2016.
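The two methods contrasted in the abstract can be seen side by side on a toy cipher. The following Python script is an added example, not code from the paper or its author: it propagates the bit-based division property of [34] through an 8-bit SPN, using the S-box propagation rule of [38] (k → k' is a valid trail iff π_{k'}(S(x)) contains a monomial x^u with u ⪰ k, computed from the S-box's algebraic normal form), derives the output bits that are provably balanced, and checks that proof by brute force over random round keys. Next to it, `degree_bound_balanced` applies the trivial algebraic-degree bound deg(F) ≤ min(3^r, n − 1) that higher-order differential cryptanalysis would use. The 4-bit S-box is the real PRESENT S-box; the 8-bit block, the bit permutation `PERM`, the key schedule (independent random round keys) and the number of brute-force trials are constructed for the example.

```python
"""Bit-based division property through a toy 8-bit SPN (added example).
Round = key XOR, two parallel PRESENT S-boxes, bit permutation PERM."""
import random

N = 8                       # toy block size in bits
# PRESENT S-box (real, public, algebraic degree 3).  The 8-bit SPN built
# around it is a constructed toy, not a published cipher.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
PERM = [0, 2, 4, 6, 1, 3, 5, 7]   # toy bit permutation: bit i moves to PERM[i]


def anf(truth_table, n=4):
    """Moebius transform over F_2: a[u] = 1 iff the monomial x^u occurs."""
    a = list(truth_table)
    for i in range(n):
        for x in range(1 << n):
            if x >> i & 1:
                a[x] ^= a[x ^ (1 << i)]
    return a


def sbox_trails():
    """trails[k] = {k'} such that pi_{k'}(S(x)) has a monomial x^u with u >= k
    (S-box propagation rule of Xiang et al.; u >= k means u & k == k)."""
    monomials = {v: anf([int((SBOX[x] & v) == v) for x in range(16)]) for v in range(16)}
    return {k: {v for v in range(16)
                if any(monomials[v][u] for u in range(16) if u & k == k)}
            for k in range(16)}


def reduce_set(vectors):
    """Drop k' when a smaller k <= k' is present: k already makes k' unknown."""
    return {k for k in vectors if not any(j != k and j & k == j for j in vectors)}


def permute_bits(x):
    y = 0
    for i in range(N):
        if x >> i & 1:
            y |= 1 << PERM[i]
    return y


def propagate(K, rounds, trails):
    """XOR with a round key leaves K unchanged; S-layer and PERM act below."""
    for _ in range(rounds):
        nxt = set()
        for k in K:
            for lo in trails[k & 0xF]:
                for hi in trails[k >> 4]:
                    nxt.add(permute_bits(lo | hi << 4))
        K = reduce_set(nxt)
    return K


def proven_balanced(K):
    """Output bit j is provably balanced iff no k in K satisfies e_j >= k."""
    if 0 in K:
        return set()
    return {j for j in range(N) if (1 << j) not in K}


def degree_bound_balanced(active, rounds, sbox_degree=3):
    """Higher-order differential view: deg <= min(3^r, N-1), so summing over
    more than that many active bits gives 0 in every output bit."""
    bound = min(sbox_degree ** rounds, N - 1)
    return set(range(N)) if bin(active).count("1") > bound else set()


def encrypt(x, round_keys):
    for k in round_keys:
        x ^= k
        x = SBOX[x & 0xF] | SBOX[x >> 4] << 4
        x = permute_bits(x)
    return x


def observed_balanced(active, rounds, trials=16, seed=1):
    """Brute force: bits whose XOR over the 2^|active| inputs is 0 for every
    sampled key and every sampled constant on the inactive bits."""
    rng = random.Random(seed)
    balanced = (1 << N) - 1
    for _ in range(trials):
        keys = [rng.randrange(1 << N) for _ in range(rounds)]
        base = rng.randrange(1 << N) & ~active
        acc = 0
        for v in range(1 << N):
            if v & ~active == 0:
                acc ^= encrypt(base | v, keys)
        balanced &= ~acc
    return {j for j in range(N) if balanced >> j & 1}


def analyse(active, rounds):
    """(division-property proof, degree-bound proof, brute-force observation)"""
    K = propagate({active}, rounds, sbox_trails())
    return proven_balanced(K), degree_bound_balanced(active, rounds), observed_balanced(active, rounds)


if __name__ == "__main__":
    for active, rounds in [(0x0F, 1), (0x07, 1), (0x7F, 2), (0x7F, 3)]:
        dp, deg, obs = analyse(active, rounds)
        print(f"active={active:08b} r={rounds} division={sorted(dp)} degree={sorted(deg)} observed={sorted(obs)}")
```

With four active bits and one round both methods prove every output bit balanced. With only three active bits the degree bound proves nothing, while the bit-based division property still proves the four output bits fed by the inactive S-box (and any bit whose ANF lacks the cubic monomial on the active bits) balanced, which is exactly the bit-level granularity the abstract attributes to the follow-up work. The brute-force set is an upper bound on what can be proved, so `proven_balanced` must always be a subset of `observed_balanced`; a violation would mean a broken propagation rule.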

Notes

  1. If every value appears the same even number of times in the multiset, the computed value is always 0; if every value appears the same odd number of times, it is always 1. Thus, when we only know that the multiset satisfies \(\mathcal{A}\), we cannot guarantee whether the computed value is 0 or not. In this case we say the computed value is unknown.

  2. We also independently evaluated the propagation of the division property on PRESENT in [35] and obtained the same integral characteristics. In that paper, we introduced the compact representation of the division property to evaluate the propagation efficiently.

References

  1. Data Encryption Standard (DES). National Bureau of Standards (1977). Federal Information Processing Standards Publication 46

  2. Bar-On, A., Keller, N.: A \(2^{70}\) attack on the full MISTY1. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 435–456. Springer, Heidelberg (2016). doi:10.1007/978-3-662-53018-4_16

  3. Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers (2013). http://eprint.iacr.org/2013/404

  4. Beierle, C., et al.: The SKINNY family of block ciphers and its low-latency variant MANTIS. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 123–153. Springer, Heidelberg (2016). doi:10.1007/978-3-662-53008-5_5

  5. Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999). doi:10.1007/3-540-48910-X_2

  6. Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. In: Menezes, A.J., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991). doi:10.1007/3-540-38424-3_1

  7. Biryukov, A., Shamir, A.: Structural cryptanalysis of SASAS. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 395–405. Springer, Heidelberg (2001). doi:10.1007/3-540-44987-6_24

  8. Boura, C., Canteaut, A.: Another view of the division property. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 654–682. Springer, Heidelberg (2016). doi:10.1007/978-3-662-53018-4_24

  9. Boura, C., Canteaut, A., De Cannière, C.: Higher-order differential properties of Keccak and Luffa. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 252–269. Springer, Heidelberg (2011). doi:10.1007/978-3-642-21702-9_15

  10. De Cannière, C., Sato, H., Watanabe, D.: Hash function Luffa - a SHA-3 candidate (2008). http://hitachi.com/rd/yrl/crypto/luffa/round1archive/Luffa_Specification.pdf

  11. Canteaut, A., Videau, M.: Degree of composition of highly nonlinear functions and applications to higher order differential cryptanalysis. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 518–533. Springer, Heidelberg (2002). doi:10.1007/3-540-46035-7_34

  12. Daemen, J., Bertoni, G., Peeters, M., Van Assche, G.: The Keccak reference, version 3.0 (2011)

  13. Daemen, J., Knudsen, L., Rijmen, V.: The block cipher Square. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149–165. Springer, Heidelberg (1997). doi:10.1007/BFb0052343

  14. Demirci, H.: Square-like attacks on reduced rounds of IDEA. In: Nyberg, K., Heys, H. (eds.) SAC 2002. LNCS, vol. 2595, pp. 147–159. Springer, Heidelberg (2003). doi:10.1007/3-540-36492-7_11

  15. Demirci, H., Selçuk, A.A.: A meet-in-the-middle attack on 8-round AES. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 116–126. Springer, Heidelberg (2008). doi:10.1007/978-3-540-71039-4_7

  16. Dinu, D., Perrin, L., Udovenko, A., Velichkov, V., Großschädl, J., Biryukov, A.: Design strategies for ARX with provable bounds: SPARX and LAX (full version) (2016). http://eprint.iacr.org/2016/984 (accepted to ASIACRYPT 2016)

  17. Gilbert, H., Minier, M.: A collision attack on 7 rounds of Rijndael. In: AES Candidate Conference, pp. 230–241 (2000)

  18. He, Y., Qing, S.: Square attack on reduced Camellia cipher. In: Qing, S., Okamoto, T., Zhou, J. (eds.) ICICS 2001. LNCS, vol. 2229, pp. 238–245. Springer, Heidelberg (2001). doi:10.1007/3-540-45600-7_27

  19. Journault, A., Standaert, F.X., Varici, K.: Improving the security and efficiency of block ciphers based on LS-designs. Des. Codes Crypt. 82, 1–15 (2016). doi:10.1007/s10623-016-0193-8

  20. Knudsen, L.: DEAL - a 128-bit block cipher. Technical report no. 151, Department of Informatics, University of Bergen, Norway, February 1998

  21. Knudsen, L.R.: Truncated and higher order differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995). doi:10.1007/3-540-60590-8_16

  22. Knudsen, L.R., Wagner, D.: Integral cryptanalysis. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 112–127. Springer, Heidelberg (2002). doi:10.1007/3-540-45661-9_9

  23. Lai, X.: Higher order derivatives and differential cryptanalysis. In: Blahut, R.E., Costello Jr., D.J., Maurer, U., Mittelholzer, T. (eds.) Communications and Cryptography. The Springer International Series in Engineering and Computer Science, vol. 276, pp. 227–233. Springer, Heidelberg (1994)

  24. Li, Y., Wu, W., Zhang, L.: Improved integral attacks on reduced-round CLEFIA block cipher. In: Jung, S., Yung, M. (eds.) WISA 2011. LNCS, vol. 7115, pp. 28–39. Springer, Heidelberg (2012). doi:10.1007/978-3-642-27890-7_3

  25. Lucks, S.: The saturation attack - a bait for Twofish. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 1–15. Springer, Heidelberg (2002). doi:10.1007/3-540-45473-X_1

  26. Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu, C.-K., Yung, M., Lin, D. (eds.) Inscrypt 2011. LNCS, vol. 7537, pp. 57–76. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34704-7_5

  27. Sasaki, Y., Todo, Y.: New differential bounds and division property of Lilliput: block cipher with extended generalized Feistel network. In: SAC 2016 (in press)

  28. Shibayama, N., Kaneko, T.: A peculiar higher order differential of CLEFIA. In: ISITA 2012, pp. 526–530. IEEE (2012)

  29. Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 158–178. Springer, Heidelberg (2014). doi:10.1007/978-3-662-45611-8_9

  30. Suzaki, T., Minematsu, K., Morioka, S., Kobayashi, E.: TWINE: a lightweight block cipher for multiple platforms. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 339–354. Springer, Heidelberg (2013). doi:10.1007/978-3-642-35999-6_22

  31. Tanaka, H., Hisamatsu, K., Kaneko, T.: Strength of MISTY1 without FL function for higher order differential attack. In: Fossorier, M., Imai, H., Lin, S., Poli, A. (eds.) AAECC 1999. LNCS, vol. 1719, pp. 221–230. Springer, Heidelberg (1999). doi:10.1007/3-540-46796-3_22

  32. Todo, Y.: Integral cryptanalysis on full MISTY1. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 413–432. Springer, Heidelberg (2015). doi:10.1007/978-3-662-47989-6_20

  33. Todo, Y.: Structural evaluation by generalized integral property. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 287–314. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46800-5_12

  34. Todo, Y., Morii, M.: Bit-based division property and application to Simon family. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 357–377. Springer, Heidelberg (2016). doi:10.1007/978-3-662-52993-5_18

  35. Todo, Y., Morii, M.: Compact representation for division property. In: Foresti, S., Persiano, G. (eds.) CANS 2016. LNCS, vol. 10052, pp. 19–35. Springer, Cham (2016). doi:10.1007/978-3-319-48965-0_2

  36. Wang, Q., Liu, Z., Varıcı, K., Sasaki, Y., Rijmen, V., Todo, Y.: Cryptanalysis of reduced-round SIMON32 and SIMON48. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 143–160. Springer, Cham (2014). doi:10.1007/978-3-319-13039-2_9

  37. Wu, W., Zhang, L.: LBlock: a lightweight block cipher. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 327–344. Springer, Heidelberg (2011). doi:10.1007/978-3-642-21554-4_19

  38. Xiang, Z., Zhang, W., Bao, Z., Lin, D.: Applying MILP method to searching integral distinguishers based on division property for 6 lightweight block ciphers (2016). https://eprint.iacr.org/2016/857 (accepted to ASIACRYPT 2016)

  39. Yeom, Y., Park, S., Kim, I.: On the security of Camellia against the Square attack. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 89–99. Springer, Heidelberg (2002). doi:10.1007/3-540-45661-9_7

  40. Z'aba, M.R., Raddum, H., Henricksen, M., Dawson, E.: Bit-pattern based integral attack. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 363–381. Springer, Heidelberg (2008). doi:10.1007/978-3-540-71039-4_23

  41. Zhang, H., Wu, W.: Structural evaluation for generalized Feistel structures and applications to LBlock and TWINE. In: Biryukov, A., Goyal, V. (eds.) INDOCRYPT 2015. LNCS, vol. 9462, pp. 218–237. Springer, Cham (2015). doi:10.1007/978-3-319-26617-6_12

  42. Zheng, Y., Matsumoto, T., Imai, H.: On the construction of block ciphers provably secure and not relying on any unproved hypotheses. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 461–480. Springer, New York (1990). doi:10.1007/0-387-34805-0_42

Author information

Corresponding author

Correspondence to Yosuke Todo.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Todo, Y. (2017). Division Property: Efficient Method to Estimate Upper Bound of Algebraic Degree. In: Phan, R.C.-W., Yung, M. (eds.) Paradigms in Cryptology – Mycrypt 2016. Malicious and Exploratory Cryptology. Mycrypt 2016. Lecture Notes in Computer Science, vol. 10311. Springer, Cham. https://doi.org/10.1007/978-3-319-61273-7_30

  • DOI: https://doi.org/10.1007/978-3-319-61273-7_30

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-61272-0

  • Online ISBN: 978-3-319-61273-7
