Abstract:
XS-circuits describe block ciphers that utilize 2 operations on binary words of fixed length: X — bitwise modulo 2 addition and S — substitution. In this paper, we develop a model of XS-circuits according to which several instances of a simple round circuit containing only one S operation are linked together and form a compound circuit called a cascade. S operations of a cascade are interpreted as independent round oracles. Determining some input/output pair of some round oracle from an input/output of the cascade is considered a security breach. We introduce the notion of hiding round oracles when such determining is hard. We show that a cascade based on a regular round circuit hides round oracles when the number of rounds is at least twice its dimension (the number of words in the processed data blocks).
Keywords:block cipher, XS-circuit, round oracle, linear recurrence sequence.
Fulltext:
PDF file (569 kB)