The Spectral Invariant Subspace of Word-Based Block Ciphers
This paper combines the idea of invariant subspace attacks with linear cryptanalysis and proposes a spectral invariant subspace analysis method. The approach uses the spectral invariant subspace property to distinguish a block cipher by examining whether a pair of input/output linear masks resides within the same non-trivial subspace. First, it is shown that if an S-box satisfies the spectral invariant subspace property, it is linearly equivalent to several smaller S-boxes operating in parallel. Second, an efficient algorithm for searching for spectral invariant subspaces of S-boxes is presented, which proves effective for commonly used S-box sizes. Furthermore, if the S-boxes employed in a word-based block cipher share the same spectral invariant subspace, then the entire cipher possesses this property as well. Using this property, an infinite-round distinguisher with probability 1 is constructed for the target cipher. The paper offers new insights into the relationship between S-boxes and block cipher security and provides guidance for designing new block ciphers. As an application, an infinite-round distinguisher with probability 1 is developed specifically for a variant of Midori128.
linear cryptanalysis; word-based block ciphers; spectral invariant subspace; Midori128
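A designer can screen a candidate S-box for the structure the abstract describes with a brute-force closure over its correlation table. The sketch below is an added example, not the paper's search algorithm or code; the definition in its first comment, all function names and the sample S-boxes are assumptions made for illustration. It shows the converse direction of the abstract's first result: two small S-boxes in parallel, hidden by a linear change of basis, still confine correlated masks to a proper subspace.

```python
# Added illustration. Assumed definition: a mask subspace U is spectral invariant for S
# when every input mask a correlated with some output mask b in U also lies in U.

def parity(v):
    return bin(v).count("1") & 1

def correlation_table(sbox):
    """lat[a][b] = sum over x of (-1)^(a.x XOR b.S(x))."""
    n = len(sbox)
    return [[sum(1 - 2 * parity((a & x) ^ (b & sbox[x])) for x in range(n))
             for b in range(n)] for a in range(n)]

def span(vectors):
    out = {0}
    for v in vectors:
        out |= {u ^ v for u in out}
    return out

def closure(lat, b):
    """Smallest subspace containing b that meets the assumed definition."""
    U = {0, b}
    while True:
        grown = span(U | {a for a in range(len(lat)) for m in U if lat[a][m]})
        if grown == U:
            return U
        U = grown

def smallest_invariant_subspace(sbox):
    lat = correlation_table(sbox)
    return min((closure(lat, b) for b in range(1, len(sbox))), key=len)

def is_spectral_invariant(sbox, U):
    lat = correlation_table(sbox)
    return all(a in U for b in U for a in range(len(sbox)) if lat[a][b] != 0)

# Constructed sample data: x -> x^3 over GF(2^3), two copies in parallel, then
# conjugated by an invertible linear map so the split is not visible in the table.
CUBE = [0, 1, 3, 4, 5, 6, 7, 2]
PARALLEL = [CUBE[x & 7] | (CUBE[x >> 3] << 3) for x in range(64)]
COLS = [43, 22, 44, 24, 48, 32]  # images of unit vectors, unit lower triangular
LIN = [0] * 64
for x in range(64):
    for i, c in enumerate(COLS):
        LIN[x] ^= c * (x >> i & 1)
INV = [LIN.index(y) for y in range(64)]
HIDDEN = [INV[PARALLEL[LIN[x]]] for x in range(64)]

if __name__ == "__main__":
    print(len(smallest_invariant_subspace(CUBE)), sorted(smallest_invariant_subspace(HIDDEN)))
```

A result equal to the full mask space means the S-box has no proper subspace under the assumed definition; the 3-bit cube map behaves this way, while the 6-bit conjugated S-box yields a subspace of 8 masks.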