Differential attacks on generalized Feistel schemes - Université de Versailles Saint-Quentin-en-Yvelines Access content directly
Conference Papers Year : 2013

Differential attacks on generalized Feistel schemes


While generic attacks on classical Feistel schemes and unbalanced Feistel schemes have been studied a lot, generic attacks on several generalized Feistel schemes like type-1, type-2 and type-3 and alternating Feistel schemes, as defined in [8], have not been systematically investigated. These generalized Feistel schemes are used in well known block cipher networks that use generalized Feistel schemes CAST-256 (type-1), RC-6 (type-2), MARS (type-3) and BEAR/LION (alternating). Also, type-1 and type-2 Feistel schemes are respectively used in the construction of the hash functions Lesamnta and SHAvite - 3512.In this paper, we give our best Known Plaintext Attacks and non-adaptive Chosen Plaintext Attacks on these schemes. We determine the maximal number of rounds that we can attack when we want to distinguish a permutation produced by the scheme from a permutation chosen randomly in the set of permutations. © Springer International Publishing 2013.

Dates and versions

hal-02177223 , version 1 (08-07-2019)



Valérie Nachef, Emmanuel Volte, Jacques Patarin. Differential attacks on generalized Feistel schemes. 12th International Conference on Cryptology and Network Security, CANS 2013, Nov 2013, Paraty, Brazil. pp.1-19, ⟨10.1007/978-3-319-02937-5_1⟩. ⟨hal-02177223⟩
50 View
0 Download



Gmail Mastodon Facebook X LinkedIn More