Nonlinearity of the Round Function

In the paper we present the results which enable to calculate the nonlinearity of the round function with quite large dimensions, e.g. 32 × 32 bits, which are used in some block ciphers. It can be used to estimate resistance of these ciphers against linear cryptanalysis. We give the application to linear cryptanalysis of the TGR block cipher.

[1]  Carlisle M. Adams,et al.  Constructing Symmetric Ciphers Using the CAST Design Procedure , 1997, Des. Codes Cryptogr..

[2]  A.M. Youssef,et al.  Construction of highly nonlinear injective S-boxes with application to CAST-like encryption algorithms , 1997, CCECE '97. Canadian Conference on Electrical and Computer Engineering. Engineering Innovation: Voyage of Discovery. Conference Proceedings.

[3]  Howard M. Heys,et al.  Resistance of a CAST-Like Encryption Algorithm to Linear and Differential Cryptanalysis , 1997, Des. Codes Cryptogr..

[4]  Jeff Gilchrist,et al.  The CAST-256 Encryption Algorithm , 1999, RFC.

[5]  Mitsuru Matsui,et al.  Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.

[6]  Josef Pieprzyk,et al.  Towards effective nonlinear cryptosystem design , 1988 .

[7]  Kaisa Nyberg,et al.  Perfect Nonlinear S-Boxes , 1991, EUROCRYPT.

[8]  Willi Meier,et al.  Nonlinearity Criteria for Cryptographic Functions , 1990, EUROCRYPT.

[9]  Eli Biham,et al.  TIGER: A Fast New Hash Function , 1996, FSE.