Civino et al. (2019) have shown how some diffusion layers can expose a Substitution-Permutation Network to vulnerability from differential cryptanalysis when employing alternative operations coming from groups isomorphic to the translation group on the message space. In this study, we present a classification of diffusion layers that exhibit linearity with respect to certain parallel alternative operations, enabling the possibility of an alternative differential attack simultaneously targeting all the s-boxes within the block. Furthermore, we investigate the differential behaviour with respect to alternative operations for all classes of optimal 4-bit s-boxes, as defined by Leander and Poschmann (2007). Our examination reveals that certain classes contain weak permutations w.r.t. alternative differential attacks. Finally, we leverage these vulnerabilities to execute a series of experiments showing the effectiveness of the cryptanalysis performed with a parallel alternative operation compared to the classical one.
Optimal s-boxes against alternative operations and linear propagation / Calderini, M.; Civino, R.; Invernizzi, R.. - In: DISCRETE MATHEMATICS. - ISSN 0012-365X. - 349:3(2026). [10.1016/j.disc.2025.114870]
Optimal s-boxes against alternative operations and linear propagation
Calderini M.; Civino R.
2026-01-01



