Improving block cipher design by rearranging internal operations

This paper discusses the impact of a simple strategy in block cipher design: rearranging the internal cipher components. We report on a test case in which we observed a significant upgrade on a cipher´s security. We applied this approach in practice and report on an updated design of the IDEA block cipher, in which we swapped all exclusive-or operations for multiplications. The consequences of these modifications are far reaching: there are no more weak multiplicative subkeys (because multiplications are not keyed anymore) and overall diffusion improves sharply in the encryption framework. The unkeyed multiplication is novel in itself since it did not exist in IDEA as a primitive operation and it alone guarantees stronger diffusion than the exclusive-or operation. Moreover, our analysis so far indicate that the new cipher resists better than IDEA and AES against old and new attacks such as the recent biclique technique and the combined Biryukov-Demirci meet-in-the-middle attack. Experiments on an 8-bit microcontroller indicate the new design has about the same performance as IDEA. A theoretical analysis also suggests the new design is more resistant to power analysis than IDEA.