Security Assessment of Hierocrypt and Rijndael against the Differential and Linear Cryptanalysis (Extended Abstract)

The authors analyze the security of Hierocrypt-3(128-bit) and Hierocrypt-L1(64-bit) designed on the nested SPN(NSPN) structure against the differential and linear cryptanalysis, and found that they are sufficiently secure, e.g., the maximum average differential and linear hull probabilities (MACP and MALHP) are bounded by 2−96 for 4-round of Hierocrypt-3; those probabilities are bounded by 2−48 for 4-round of Hierocrypt-L1. The authors get these results by extending the provable security theorem by Hong et al.. Furthermore, the extended theory is applied to Rijndael, and found that MACP and MALHP of 4-round Rijndael are bounded by 2−96. This outperforms the best previous result by Keliher et al..

[1]  Kenji Ohkuma,et al.  The Block Cipher Hierocrypt , 2000, Selected Areas in Cryptography.

[2]  Vincent Rijmen,et al.  The Block Cipher Square , 1997, FSE.

[3]  Mitsuru Matsui,et al.  Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.

[4]  R. Stephenson A and V , 1962, The British journal of ophthalmology.

[5]  Henk Meijer,et al.  New Method for Upper Bounding the Maximum Average Linear Hull Probability for SPNs , 2001, EUROCRYPT.

[6]  Vincent Rijmen,et al.  The Cipher SHARK , 1996, FSE.

[7]  Seokhie Hong,et al.  Provable Security against Differential and Linear Cryptanalysis for the SPN Structure , 2000, FSE.

[8]  Eli Biham,et al.  Differential cryptanalysis of DES-like cryptosystems , 1990, Journal of Cryptology.