Partition-Based Trapdoor Ciphers

Trapdoors are a two-face key concept in modern cryptography. They are primarily related to the concept of trapdoor function used in asymmetric cryptography. A trapdoor function is a one-to-one mapping that is easy to compute, but for which its inverse function is difficult to compute without special information, called the trapdoor. It is a necessary condition to get reversibility between the sender and the receiver for encryption or between the signer and the verifier for digital signature. The trapdoor mechanism is always fully public and detailed. The second concept of trapdoor relates to the more subtle and perverse concept of mathematical backdoor, which is a key issue in symmetric cryptography. In this case, the aim is to insert hidden mathematical weaknesses, which enable one who knows them to break the cipher. Therefore, the existence of a backdoor is a strongly undesirable property. This book deals with this second concept and is focused on block ciphers or, more specifically, on substitution-permutation networks (SPN). Inserting a backdoor in an encryption algorithm gives an effective cryptanalysis of the cipher to the designer

Partition-Based Trapdoor Ciphers

This paper deals with block ciphers embedding a trapdoor which consists to map a partition of the plaintext space to a partition of the ciphertext space. In a first part, this issue is reduced to the study of the S-boxes of the cipher satisfying a few criteria. Then, differential and linear properties of such S-boxes are assessed and an algorithm to build optimal S-boxes is provided. Finally, these primitives are used to design a small trapdoor cipher resistant to linear and differential cryptanalysis. This trapdoor allows to recover the $\kappa$-bit master key with only one plaintext/ciphertext pair and an effort of $2^{\frac{\kappa}{2}}$ encryptions

A note on some algebraic trapdoors for block ciphers

We provide sufficient conditions to guarantee that a translation based cipher is not vulnerable with respect to the partition-based trapdoor. This trapdoor has been introduced, recently, by Bannier et al. (2016) and it generalizes that introduced by Paterson in 1999. Moreover, we discuss the fact that studying the group generated by the round functions of a block cipher may not be sufficient to guarantee security against these trapdoors for the cipher.Comment: to be published on Advances in Mathematics of Communication

A note on some algebraic trapdoors for block ciphers

We provide sufficient conditions to guarantee that a translation based cipher is not vulnerable with respect to the partition-based trapdoor. This trapdoor has been introduced, recently, by Bannier et al. (2016) and it generalizes that introduced by Paterson in 1999. Moreover, we discuss the fact that studying the group generated by the round functions of a block cipher may not be sufficient to guarantee security against these trapdoors for the cipher.acceptedVersio

Some group-theoretical results on Feistel Networks in a long-key scenario

The study of the trapdoors that can be hidden in a block cipher is and has always been a high-interest topic in symmetric cryptography. In this paper we focus on Feistel-network-like ciphers in a classical long-key scenario and we investigate some conditions which make such a construction immune to the partition-based attack introduced recently by Bannier et al.Comment: Accepted for publication in Advances in Mathematics of Communication

Some group-theoretical results on Feistel Networks in a long-key scenario

Under embargo until: 2021-07-01The study of the trapdoors that can be hidden in a block cipher is and has always been a high-interest topic in symmetric cryptography. In this paper we focus on Feistel-network-like ciphers in a classical long-key scenario and we investigate some conditions which make such a construction immune to the partition-based attack introduced recently by Bannier et al.acceptedVersio

A nonlinear invariant attack on T-310 with the original Boolean function

There are numerous results on nonlinear invariant attacks on T-310. In all such attacks found so far, both the Boolean functions and the cipher wiring were contrived and chosen by the attacker. In this article, we show how to construct an invariant attack with the original Boolean function that was used to encrypt government communications in the 1980s