IMCS/Publications/CSJM/Issues/CSJM v.13, n.3 (39), 2005/

DDP-Based Ciphers: Differential Analysis of SPECTR-H64

Authors: A.V. Bodrov, A.A. Moldovyan, P.A. Moldovyanu
Keywords: Fast ciphers, hardware encryption, controlled operations, data-dependent permutations, differential analysis.


Use of data-dependent (DD) permutations (DDP) appears to be very efficient while designing fast ciphers suitable for cheap hardware implementation, few papers devoted to security analysis of the DDP-based cryptosystems have been published though. This paper presents results of differential cryptanalysis (DCA) of the twelve-round cipher SPECTR-H64 which is one of the first examples of the fast block cryptosystems using DDP as cryptographic primitive. It has been shown that structure of SPECTR-H64 suits well for consideration of the differential characteristics. Experiments have confirmed the theoretic estimations. Performed investigation has shown that SPECTR-H64 is secure against DCA, some elements of this cipher can be improved though. In order to make the hardware implementation faster and cheaper a modified version of this cipher with eight rounds is proposed.

A.V. Bodrov, A.A. Moldovyan, P.A. Moldovyanu
Specialized Center of Program Systems "SPECTR",
Kantemirovskaya, 10, St.Petersburg 197342, Russia,
E-mail :


Adobe PDF document0.42 Mb