Design And Analysis Of The New Structures And Compenents Of Block Ciphers

As a significant branch of cryptography,block ciphers have been widely used in the field of information security since they have the advantages of encrypting and decrypting a message quickly,standardizing data easily,and being implemented efficiently on hardware and software platforms.The design and analysis of block ciphers are the central issues in the field of cryptography.Designers choose proper components according to the characteristics of the structure and design of a cipher,which is hard to attack.By decomposing important components,attackers attain the simple relationships between inputs and outputs to crack cipher.From another perspective,the design and analysis of block ciphers promote each other:designers try their best to ensure that a cipher can effectively resist the existing attack methods,which drives attackers to persistently optimize and improve their attack methods.Advances in attack methods also force designers to innovate the design methods of structures and components of ciphers.Centering on the design and analysis of block ciphers,three issues are considered in this dissertation:constructing the nonlinear component of a cipher,designing ciphers based on the Whitened Swap-Or-Not(WSN)structure and analyzing them,and attacking a cipher by decomposing its nonlinear component.1.In terms of constructing the nonlinear component of a cipher,two kinds of methods to construct bent functions are proposed,and a method to construct highly nonlinear resilient S boxes via disjoint linear codes is researched.(1)Two secondary constructions of bent functions without any conditions on the initial bent functions are proposed.By these methods,a wealth of bent functions based on initial bent functions with few variables can be attained.It is proven that bent functions outside the complete Maiorana-McFarland class(MM#)can be constructed by using one of these methods,which is named the"nonlayered method".The inclusions among the GMMn/2+k so-called generalized Maiorana-McFarland class are discussed,and the sufficient condition that the function in GMMn/2+k is a bent function is found.It is proven that bent functions constructed by both methods are embedded in GMMn/2+k.This implies that GMMn/2+k may contain a significant subset of bent functions that are not members of MM#.(2)A new construction of highly nonlinear resilient S boxes is presented by utilizing disjoint linear codes:highly nonlinear resilient Boolean functions are first constructed via two families of disjoint linear codes;these resilient functions are used as coordinate functions,and then highly nonlinear resilient S boxes are attained.Only if the number of fixed variables is greater than n/2 will these S boxes deteriorate to affine functions;thus,these S boxes have more favorable cryptography properties against linear cryptanalysis,correlation attacks,guess and determine attacks,and algebraic attacks.2.A variant of the BISON cipher is designed based on the WSN structure,and a new block cipher named DBISON is designed based on a parallel WSN structure.(1)Using the strategy that replaces the nonlinear component to improve the performance of the cipher,the BISON cipher based on a WSN construction is improved,and a variant of the BISON cipher is then represented.According to the characteristics of the WSN structure,the maximal expected differential probability(MEDP)of the BISON-like cipher is computed,and the resilience of the BISON-like cipher with balanced nonlinear components against linear cryptanalysis is also investigated.According to the results of differential cryptanalysis of the BISON-like cipher,a kind of balanced Boolean function that has a small absolute value indicator,high nonlinearity and high algebraic degree is selected to replace the bent functions used in the BISON cipher;as a result,the local balance and the algebraic degree of the cipher are improved.(2)The ideas of double layers typical of the WSN structure are employed,the right half of the input is Xored by the left half,and to complete the round operation,the left and right branches are swapped.According to these strategies,a new structure named the parallel WSN structure is proposed.Based on this structure,a new block cipher called DBISON is designed,the abilities of the DBISON cipher against both differential cryptanalysis and linear cryptanalysis are estimated,and the DBISON encryption algorithm with an input block size of 10 bits is implemented.The results indicate that a large number of S boxes with high nonlinearity and low differential uniformity can be attained from DBISON by changing the initial keys.3.By utilizing a method that attains a simple relationship between the inputs and the outputs by decomposing the important component,a new algebraic attack on the DASTA cipher is implemented.More specifically,the key feed-forward operation,the properties of the nonlinear layer and the invariance of the linear layer are sufficiently utilized in the attack.In particular,the nonlinear relation of internal states in DASTA is linearized effectively.In this case,more secret key bit equations with low algebraic degrees are collected by fixing the bit.The results illustrate that the reduced DASTA cipher family is theoretically broken by this attack.