Abstract
This paper proposes a new approach to generalizing Feistel networks, which unifies the classical (balanced) Feistel network and the Lai–Massey structure. We call the new structure extended Feistel (E-Feistel) network. To justify its soundness, we investigate its indistinguishability using Patarin’s H-coefficient technique. As a result, it is proved that the 4-round key-alternating E-Feistel (KAEF) cipher with adequately derived keys and identical round functions is secure up to 2 n / 2 queries, i.e., birthday-bound security. In addition, when adjacent round keys are independent and independent round functions are used, the 6-round KAEF is secure up to beyond-birthday-bound 2 2 n / 3 queries. Our results indicate that the E-Feistel structure is secure and reliable and can be adopted in designing practical block ciphers.
Highlights
In recent years, as a result of more attention paid on privacy protection and information security, research on the design and cryptanalysis of block ciphers has become a research hotpot. e design of block ciphers strictly highlights efficiency and security, which deeply rely on iterative structures they choose
According to whether encryption is consistent with decryption, iterative structures can be divided into two categories. e structures that have consistent encryption and decryption are beneficial in hardware implementation because decryption does not take up extra storage. is kind of structures contains the Feistel structure, the SM4 structure, the Mars structure, and the Lai–Massey structure as specific instances
E Feistel structure was proposed by Feistel and Tuchman of IBM when designing Lucifer in the late 1960s [1]. e Feistel structure became popular after the widespread use of the data encryption standard (DES) [2]. e input of the Feistel structure is divided into two blocks whose length is equal. e round function is applied to one half, using a subkey, and the output is XORed with the other half. en, two halves are exchanged with each other
Summary
As a result of more attention paid on privacy protection and information security, research on the design and cryptanalysis of block ciphers has become a research hotpot. e design of block ciphers strictly highlights efficiency and security, which deeply rely on iterative structures they choose. The SPN structure is often adopted as round functions in the design of Feistel ciphers such as SM4 [5] and Camellia [14]. Theory community usually assumes their underlying ciphers as ideal ciphers, i.e., sets of independent random permutations indexed by the keys, and argues the security of the whole schemes. Iterative structures in block ciphers mainly adopt the three structures: the Feistel structure, the SPN structure, and the Lai–Massey scheme. (1) We propose a new iterative structure, the E-Feistel structure, which has consistent encryption with decryption (2) For birthday-bound security, we prove that the 4round KAEF with the same round function is secure up to 2n/2 queries (3) For beyond-birthday-bound security, we prove that the 6-round KAEF with independent round functions is secure up to 22n/3 queries is paper is organized as follows.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
