Title :
Information leakage of Feistel ciphers
Author_Institution :
Fac. of Eng. & Appl. Sci., Memorial Univ. of Newfoundland, St. John´´s, Nfld., Canada
fDate :
1/1/2001 12:00:00 AM
Abstract :
We examine the information leakage between sets of plaintext and ciphertext bits in symmetric-key block ciphers. The paper demonstrates the effectiveness of information leakage as a measure of cipher security by relating information leakage to linear cryptanalysis and by determining a lower bound on the amount of data required in an attack from an upper bound on information leakage. As well, a model is developed which is used to estimate the upper bound on the information leakage of a general Feistel (1975) block cipher. For a cipher that fits the model well, the results of the analysis can be used as a measure in determining the number of rounds required for security against attacks based on information leakage. It is conjectured that the CAST-128 cipher fits the model well and using the model it is predicted that information leaked from 20 or fewer plaintext bits is small enough to make an attack on CAST-128 infeasible
Keywords :
cryptography; CAST-128 cipher; attack; cipher security; ciphertext bits; general Feistel block cipher; information leakage; linear cryptanalysis; lower bound; plaintext bits; symmetric-key block ciphers; upper bound; Algorithm design and analysis; Cryptography; Data security; Information analysis; Information security; Information theory; Noise measurement; Predictive models; Signal generators; Upper bound;
Journal_Title :
Information Theory, IEEE Transactions on
