Zero-Correlation Cryptanalysis Of Block Cipher MISTY1and The Design Of S-box Of Lightweight Block Cipher

*ABSTRACT The information security issue is more and more important with the development of Internet technology. So is the cryptography because the data on the Internet needs protections. There are two research field of cryptography. One is private key cryptography and the other is public key cryptography. Block cipher is a kind of private key cryptography. It has an advantage of high speed of encryption and efficiency. Block cipher algorithms are widely used in data protection. Some information security protocols like SSL and IPSec is based on some block cipher algorithms. MISTY1is a famous block cipher algorithm designed by Mitsuru Matsui in1995. It is one of the algorithms selected in the European NESSIE project and has been recommend for the Japanese government use. The best known cryptanalysis results are the impossible differential cryptanalysis and high order differential cryptanalysis for7-round MISTY1. This paper describes some zero correlation cryptanaly-sis results on MISTY1. In the fifth chapter of this paper, we introduce some works on the design of S box. First, this paper introduces the model for multi-dimensional zero correlation cryptanalysis proposed by Andrey Bogdanov and Meiqin Wang et al. on the conference of Asiacrypt2012. Based on this model, we describe two algorithms of the zero correlation cryptanalysis on7-round MISTY1. The former one focuses on the time complexity and the latter fo-cuses on the memory complexity. The time memory and data complexity of the first one are2115,253and263.1respectively. These of the latter are2124.1,237and262.6. In terms of time and memory complexity, our results are better than that of impossible differential cryptanalysis and we reduce the memory complexity to a practical number. At the end of this paper we introduce some works on the design of S box of lightweight block cipher. On the conference of SAC2009, Kenji Ohkuma proposed an weak key linear attack on lightweight block cipher PRESENT. The attack is based on a proposition of the S box of PRESENT. We find some S boxes which have resistance on the attack based on the research of Markku-juhani.