Branch number: Difference between revisions
Content deleted Content added
→top: added information |
→Sources: added source |
||
| Line 18: | Line 18: | ||
* {{cite book | editor = Thomas Peyrin | first1=Meicheng |last1 = Liu | first2=Siang Meng | last2 = Sim | date = 25 July 2016 | title = Fast Software Encryption: 23rd International Conference, FSE 2016, Bochum, Germany, March 20-23, 2016, Revised Selected Papers | publisher = Springer | pages = 101-121 | isbn = 978-3-662-52993-5 | chapter = Branch Number of the Diffusion Layer | oclc = 1008648217 | chapter-url = https://books.google.com/books?id=xUG8DAAAQBAJ&pg=PA105}} |
* {{cite book | editor = Thomas Peyrin | first1=Meicheng |last1 = Liu | first2=Siang Meng | last2 = Sim | date = 25 July 2016 | title = Fast Software Encryption: 23rd International Conference, FSE 2016, Bochum, Germany, March 20-23, 2016, Revised Selected Papers | publisher = Springer | pages = 101-121 | isbn = 978-3-662-52993-5 | chapter = Branch Number of the Diffusion Layer | oclc = 1008648217 | chapter-url = https://books.google.com/books?id=xUG8DAAAQBAJ&pg=PA105}} |
||
* {{cite book | title = Information Security Practice and Experience | last1 = Zhang | first1 = Wentao | last2 = Wu | first2 = Wenling | last3 = Feng | first3 = Dengguo | last4 = Su | first4 = Bozhan | chapter = Some New Observations on the SMS4 Block Cipher in the Chinese WAPI Standard | date = 2009 | pages = 324–335 | publisher = Springer Berlin Heidelberg | issn = 0302-9743 | eissn = 1611-3349 | doi = 10.1007/978-3-642-00843-6_28 | chapter-url = https://www.google.com/books/edition/Information_Security_Practice_and_Experi/h13tzZqbcDcC?pg=PA327}} |
* {{cite book | title = Information Security Practice and Experience | last1 = Zhang | first1 = Wentao | last2 = Wu | first2 = Wenling | last3 = Feng | first3 = Dengguo | last4 = Su | first4 = Bozhan | chapter = Some New Observations on the SMS4 Block Cipher in the Chinese WAPI Standard | date = 2009 | pages = 324–335 | publisher = Springer Berlin Heidelberg | issn = 0302-9743 | eissn = 1611-3349 | doi = 10.1007/978-3-642-00843-6_28 | chapter-url = https://www.google.com/books/edition/Information_Security_Practice_and_Experi/h13tzZqbcDcC?pg=PA327}} |
||
* * {{cite book | first1 = Joan | last1 = Daemen | first2 = Vincent | last2 = Rijmen | date = 9 March 2013 | title = The Design of Rijndael: AES - The Advanced Encryption Standard | publisher = Springer Science & Business Media | pages = | isbn = 978-3-662-04722-4 | oclc = 1259405449 | url = https://cs.ru.nl/~joan/papers/JDA_VRI_Rijndael_2002.pdf}} |
|||
{{cryptography-stub}} |
{{cryptography-stub}} |
||
[[Category:Cryptography]] |
[[Category:Cryptography]] |
||
Revision as of 03:24, 17 April 2023
 | This article or section is in a state of significant expansion or restructuring. You are welcome to assist in its construction by editing it as well. If this article or section has not been edited in several days, please remove this template. If you are the editor who added this template and you are actively editing, please be sure to replace this template with {{in use}} during the active editing session. Click on the link for template parameters to use.
This article was last edited by Dimawik (talk | contribs) 13 months ago. (Update timer) |
In cryptography, the branch number is a numerical value that characterizes the amount of diffusion introduced by a transformation F that maps an input vector u to output vector v: . For the (usual[1]) case of linear F the value is produced by:
- applying nonzero values of u (i.e., values that have at least one non-zero component of the vector) to the input of F;
- calculating for each input value the weight W (number of nonzero components), and adding weights of u and v together;
- finding out the smallest combined weight across for all nonzero input values.
If both u and v have s components, the result is obviously limited on the high side by the value (this "perfect" result is achieved when any single nonzero component on u makes all components of v to be non-zero). A high branch number suggests higher resistance to the differential cryptanalysis: the small variations of input will produce large changes on the output and in order to obtain small variations of the output, large changes of the input value will be required.[2]
The term was introduced by Daemen and Rijmen in early 2000s and quickly became a typical tool to access the diffusion properties of the transformations.[1]
Mathematics
The branch number concept is not limited to the linear transformations, Daemen and Rijmen provided two general metrics:[3]
- differential branch number, where the minimum is obtained over inputs of F that are constructed by XORing () two independent and unequal vectors a and b: ;
- linear branch number.
References
- ^ a b Zhang et al. 2009, p. 327.
- ^ Liu & Sim 2016, p. 105.
- ^ Daemen & Rijmen 2013, pp. 131–132.
Sources
- Liu, Meicheng; Sim, Siang Meng (25 July 2016). "Branch Number of the Diffusion Layer". In Thomas Peyrin (ed.). Fast Software Encryption: 23rd International Conference, FSE 2016, Bochum, Germany, March 20-23, 2016, Revised Selected Papers. Springer. pp. 101–121. ISBN 978-3-662-52993-5. OCLC 1008648217.
- Zhang, Wentao; Wu, Wenling; Feng, Dengguo; Su, Bozhan (2009). "Some New Observations on the SMS4 Block Cipher in the Chinese WAPI Standard". Information Security Practice and Experience. Springer Berlin Heidelberg. pp. 324–335. doi:10.1007/978-3-642-00843-6_28. eISSN 1611-3349. ISSN 0302-9743.
- * Daemen, Joan; Rijmen, Vincent (9 March 2013). The Design of Rijndael: AES - The Advanced Encryption Standard (PDF). Springer Science & Business Media. ISBN 978-3-662-04722-4. OCLC 1259405449.
 | This cryptography-related article is a stub. You can help Wikipedia by expanding it. |