Statistical cryptanalysis of block ciphers

Since the development of cryptology in the industrial and academic worlds in the seventies, public knowledge and expertise have grown in a tremendous way, notably because of the increasing, nowadays almost ubiquitous, presence of electronic communication means in our lives. Block ciphers are inevitable building blocks of the security of various electronic systems. Recently, many advances have been published in the field of public-key cryptography, being in the understanding of involved security models or in the mathematical security proofs applied to precise cryptosystems. Unfortunately, this is still not the case in the world of symmetric-key cryptography and the current state of knowledge is far from reaching such a goal. However, block and stream ciphers tend to counterbalance this lack of "provable security" by other advantages, like high data throughput and ease of implementation. In the first part of this thesis, we would like to add a (small) stone to the wall of provable security of block ciphers with the (theoretical and experimental) statistical analysis of the mechanisms behind Matsui's linear cryptanalysis as well as more abstract models of attacks. For this purpose, we consider the underlying problem as a statistical hypothesis testing problem and we make a heavy use of the Neyman-Pearson paradigm. Then, we generalize the concept of linear distinguisher and we discuss the power of such a generalization. Furthermore, we introduce the concept of sequential distinguisher, based on sequential sampling, and of aggregate distinguishers, which allows to build sub-optimal but efficient distinguishers. Finally, we propose new attacks against reduced-round version of the block cipher IDEA. In the second part, we propose the design of a new family of block ciphers named FOX. First, we study the efficiency of optimal diffusive components when implemented on low-cost architectures, and we present several new constructions of MDS matrices; then, we precisely describe FOX and we discuss its security regarding linear and differential cryptanalysis, integral attacks, and algebraic attacks. Finally, various implementation issues are considered

Fast software implementations of SC2000

Abstract. The block cipher SC2000 was recently proposed by a research group of Fujitsu Laboratories as a candidate cipher for the CRYPTREC and NESSIE projects. The cipher was designed so that it would be highly flexible and fast on many platforms. In this paper we show that the cipher is really fast on the Pentium III and AMD platforms: Our C implementation of SC2000 on Pentium III is only second to the best C implementations of RC6 on the same platform, and faster than for example the world fastest implementation of Twofish in assembly. In particular, we improve the bulk encryption and decryption times by almost times as compared to the previous best implementation by Fujitsu. Finally, we report new Rijndael and RC6 implementation results that are slightly better than these of Aoki and Lipmaa. Keywords: block cipher design, fast implementation, large S-boxes, SC2000.