AU - Boukerrou, Hamid
AU - Huynh, Paul
AU - Lallemand, Virginie
AU - Mandal, Bimal
AU - Minier, Marine
PY - 2020/05/07
Y2 - 2020/08/08
TI - On the Feistel Counterpart of the Boomerang Connectivity Table: Introduction and Analysis of the FBCT
JF - IACR Transactions on Symmetric Cryptology
JA - ToSC
VL - 2020
IS - 1
DO - 10.13154/tosc.v2020.i1.331-362
UR - https://tosc.iacr.org/index.php/ToSC/article/view/8568
SP - 331-362
AB - At Eurocrypt 2018, Cid et al. introduced the Boomerang Connectivity Table (BCT), a tool to compute the probability of the middle round of a boomerang distinguisher from the description of the cipher’s Sbox(es). Their new table and the following works led to a refined understanding of boomerangs, and resulted in a series of improved attacks. Still, these works only addressed the case of Substitution Permutation Networks, and completely left out the case of ciphers following a Feistel construction. In this article, we address this lack by introducing the FBCT, the Feistel counterpart of the BCT. We show that the coefficient at row Δi, ∇o corresponds to the number of times the second order derivative at points Δi, ∇o) cancels out. We explore the properties of the FBCT and compare it to what is known on the BCT. Taking matters further, we show how to compute the probability of a boomerang switch over multiple rounds with a generic formula.
