Abstract
Integral distinguisher is the main factor of integral attack. Conventionally, first order integral distinguisher is obtained and higher order integral distinguisher is derived from extension of first order conventional algorithm. The algorithm was applied to many byte-based block ciphers, and such application was thought to be established. Even in such application, however, we find that the conventional algorithm is imprecise. We discovered integral distinguisher of byte-based block ciphers, TWINE and LBlock, which are different from results of the conventional evaluation. As a substitute for the imprecise algorithm, we propose a new algorithm to search higher order integral distinguisher. The point of the proposal algorithm is exploitation of bijective and injective components of cipher functions. We focus on injective components for the first time, in addition to bijective components which are already exploited. We demonstrate the proposal algorithm by TWINE and LBlock. As a result, we confirm the result of the proposal algorithm is consistent with our result which was conjectured from computer experiment. Obtaining more precise integral distinguisher allows designers to select stronger cipher structures and key schedules, and the proposal algorithm contributes to it.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
