Title :
An optimal sampling technique for distinguishing random S-boxes
Author :
Stankovski, Paul ; Hell, Martin
Author_Institution :
Dept. of Electr. & Inf. Technol., Lund Univ., Lund, Sweden
Abstract :
The nonrandom behavior of the outputs of a random S-box can be exploited when constructing distinguishers for cryptographic primitives. Different methods of constructing samples from the outputs have been used in the literature. However, it has been unclear exactly how these methods differ and which method is optimal. We analyze four different sampling techniques. We prove that two of these sampling techniques result in dependent samples. We further show one sampling technique that is optimal in terms of error probabilities in the resulting distinguisher. However, this sampling technique is quite impractical as it requires very large storage. We further show a fourth sampling technique that is much more practical, and we prove that it is equivalent to the optimal one. We also show an improved algorithm for calculating the associated probability distributions that are required for the attack.
Keywords :
cryptography; probability; random processes; sampling methods; cryptanalysis; cryptographic primitives; error probabilities; nonrandom behavior; optimal sampling technique; probability distributions; random S-boxes; Complexity theory; Error probability; Heuristic algorithms; Probability distribution; Vectors;
Conference_Titel :
Information Theory Proceedings (ISIT), 2012 IEEE International Symposium on
Conference_Location :
Cambridge, MA
Print_ISBN :
978-1-4673-2580-6
Electronic_ISBN :
2157-8095
DOI :
10.1109/ISIT.2012.6284680
