Recent work by Biryukov and Wagner on developing the slide attack technique has revealed it to be a powerful tool in the analysis of block cipher designs. In this paper the technique is used to analyze a particular construction of balanced Feistel block cipher that features identically keyed round functions but with independent pre- and post-whitening keys. It is shown that for an n-bit block size this class of cipher can be broken using n2n/2+1 chosen plaintexts in O(n2n/2) time and space, and that this is irrespective of both the size of the key and the number of rounds of the algorithm. Comparisons are then drawn against the DESX and Even-Mansour constructions.
[1]
Bruce Schneier,et al.
Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish)
,
1993,
FSE.
[2]
Alex Biryukov,et al.
Slide Attacks
,
1999,
FSE.
[3]
Alex Biryukov,et al.
Advanced Slide Attacks
,
2000,
EUROCRYPT.
[4]
Joe Kilian,et al.
How to Protect DES Against Exhaustive Key Search
,
1996,
CRYPTO.
[5]
Phillip Rogaway.
The Security of DESX
,
1996
.
[6]
Hartmut Ehrig,et al.
Graph Transformations in Computer Science
,
1994,
Lecture Notes in Computer Science.