Fu Li-Shi, Jin Chen-Hui. The Cryptographic Weakness of Lai-Massey Scheme with an Affine but not Orthomorphic Bijection[J]. Journal of Electronics & Information Technology, 2013, 35(10): 2536-2540. doi: 10.3724/SP.J.1146.2012.01574
Vaudenay (1999) proved that the permutation in the Lai-Massey scheme should be an orthomorphism or almost orthomorphism. This paper mainly focuses on the design principle of this function in the Lai-Massey scheme, described in terms of its resistance to differential and linear attacks. It shows that no matter how the group G is defined, if this function is affine on G, then it should be defined as an orthomorphism; otherwise there exists a differential characteristic with probability 1 and a linear approximation with correlation coefficient 1, so the scheme carries a potential security risk. Moreover, using the characteristic spectrum in a finite group, a new linear relationship between the input and output of the Lai-Massey scheme is introduced.
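The differential half of this claim can be checked on a toy instance. The following is an added example, not code from the paper: it assumes G = (Z_2^16, XOR), a constructed round function `F`, and two hypothetical choices of the permutation (`sigma_rot`, linear but not orthomorphic, and `sigma_swap`, a linear orthomorphism), and measures how often the input difference (d, d) survives four rounds.

```python
import hashlib, random

MASK = 0xFFFF  # assumption: G = (Z_2^16, XOR); the paper covers any group G

def F(v, key):
    # Toy keyed round function (constructed); the argument holds for any F.
    return int.from_bytes(hashlib.sha256(key + v.to_bytes(2, "big")).digest()[:2], "big")

def sigma_rot(x):
    # Linear bijection that is NOT an orthomorphism: rotate left by one bit.
    return ((x << 1) | (x >> 15)) & MASK

def sigma_swap(x):
    # (xL, xR) -> (xR, xL ^ xR): a linear orthomorphism on 16-bit words.
    l, r = x >> 8, x & 0xFF
    return (r << 8) | (l ^ r)

def is_orthomorphism(sigma):
    # Both x -> sigma(x) and x -> sigma(x) - x (XOR here) must be permutations.
    n = MASK + 1
    return (len({sigma(x) for x in range(n)}) == n
            and len({sigma(x) ^ x for x in range(n)}) == n)

def fixed_differences(sigma):
    # For linear sigma, a nonzero d with sigma(d) == d exists iff sigma(x)^x is not injective.
    return [d for d in range(1, MASK + 1) if sigma(d) == d]

def encrypt(x, y, keys, sigma):
    # Lai-Massey rounds: t = F(x - y); (x, y) -> (sigma(x + t), y + t).
    for k in keys:
        t = F(x ^ y, k)
        x, y = sigma(x ^ t), y ^ t
    return x, y

def characteristic_rate(sigma, d, rounds=4, trials=2000, seed=1):
    # Fraction of random plaintext pairs where input difference (d, d) gives output (d, d).
    rng = random.Random(seed)
    keys = [rng.getrandbits(64).to_bytes(8, "big") for _ in range(rounds)]
    hits = 0
    for _ in range(trials):
        x, y = rng.randrange(MASK + 1), rng.randrange(MASK + 1)
        x0, y0 = encrypt(x, y, keys, sigma)
        x1, y1 = encrypt(x ^ d, y ^ d, keys, sigma)
        hits += (x0 ^ x1, y0 ^ y1) == (d, d)
    return hits / trials

if __name__ == "__main__":
    for s in (sigma_rot, sigma_swap):
        print(s.__name__, is_orthomorphism(s), fixed_differences(s), characteristic_rate(s, 0xFFFF))
```

The difference (d, d) cancels in x - y, so F never sees it, and a fixed point of the linear part of the permutation carries it through every round regardless of the keys or the number of rounds.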