REBEL: Reconfigurable Block Encryption Logic Page: 19
This paper is part of the collection entitled: UNT Scholarly Works and was provided to UNT Digital Library by the UNT College of Engineering.
Extracted Text
The following text was automatically extracted from the image on this page using optical character recognition software:
E,c.
Definition 4.7 (modified poly bounded oracle). We modify the poly bounded OP oracle as follows. On a
query (x, y), it returns a triple within its model (x(i), Y(i), K(i) E M(OP ) such that h(x, x(i)) + h(y, y(i)) is
minimized over Vi.
Lemma 4.1 (statistical adversary advantage). A poly bounded adversary with a poly bounded oracle has
Nc
probability at most N-1
(1 - ()logn N)N-_1 22N . 22N . IG IN
The proof follows from Equation 10 and from the fact that (x, y, K) space has size 22N * 22N * IG IN.
The main point to note here is that the adversary is almost as well off as it would be in a completely
random experiment. Hence, such a polynomially resource bounded oracle adds marginally to an adversary's
capability for the REBEL functions due to lack of any non-uniformity.
4.5 Resilience to Cryptanalysis
In this section we investigate the resilience of REBEL functions twoards the well known cryptanalysis meth-
ods. First we will show the class of attacks which use the invariance property of system, i.e., the idea of
these attacks is to find the properties of the system which are not dependent or least dependent either on the
secret or the input.
4.5.1 Linear Cryptanalysis
Linear cryptanalysis is a general form of cryptanalysis based on finding affine approximations to the cipher
function. The technique [ ] has been applied to attack ciphers like FEAL [ ] and DES [ ]. Linear crypt-
analysis exploits the high probability of occurrences of linear expressions involving plaintext,ciphertext,
and sub-key bits. This attack becomes possible on the conventional cipher function design as the key bits
are primarily XOR'ed with round inputs. And linear approximations of known components (S-boxes) in the
system further aid the analysis. In the case of REBEL none of these required conditions are available. Every
gate (component gates of tree) is chosen by key and hence no linear approximation is possible.
4.5.2 Differential Cryptanalysis
Differential cryptanalysis [ ] exploits the property of difference being propogated from input to the output
of the cipher function. This attack again requires the properties of the known components in the system
(S-boxes) in order to estimate the difference propagation probabilities. In REBEL such an analysis is not
possible as there are no known components in the system. A variant to this attack is impossible difference
attack [ ] which again uses the principle of identifying differences that does not propagate from input to
output.
4.5.3 Boomerang Attack
This attack [ ] relies on the difference analysis of round function properties and existence of some block
in the system which is independent of the input to cipher function. This can be thought of as meet-in-the
middle version of differential cryptanalysis. Again REBEL is resistant as there are no blocks (gates) in the
system that is either independent of key or the input.19
Upcoming Pages
Here’s what’s next.
Search Inside
This paper can be searched. Note: Results may vary based on the legibility of text within the document.
Tools / Downloads
Get a copy of this page or view the extracted text.
Citing and Sharing
Basic information for referencing this web page. We also provide extended guidance on usage rights, references, copying or embedding.
Reference the current page of this Paper.
Gomathisankaran, Mahadevan & Tyagi, Akhilesh. REBEL: Reconfigurable Block Encryption Logic, paper, September 1, 2006; (https://digital.library.unt.edu/ark:/67531/metadc96662/m1/19/: accessed April 19, 2024), University of North Texas Libraries, UNT Digital Library, https://digital.library.unt.edu; crediting UNT College of Engineering.