Key Scheduling in DES Type Cryptosystems
- in Advances in Cryptology: Auscrypt '90 (Lecture Notes in Computer Science), 1990
Cited by 9 (2 self)
This paper reviews some possible design criteria for the key schedule in a DES style cryptosystem. The key schedule involves a Key Rotation component, and the permutation PC2. Together these provide for a diffusion of dependency of ciphertext bits on key bits. Some empirical rules which seem to account for the derivation of the key schedule used in the DES are first presented. A number of trials were run with various key schedules, and some further design rules were derived. An alternative form of key schedule was then tested. This used either a null PC2, or one in which permutations only occurred within the inputs to a given Sbox, and a much larger rotation schedule than used in the DES. This was found to be as effective as the key schedule used in the current DES, and is proposed for use in new cryptosystems.
On the Design of Permutation P in DES Type Cryptosystems
- Advances in Cryptology: Proceedings of EUROCRYPT ’89, 1990
Cited by 5 (2 self)
This paper reviews some possible design criteria for the permutation P in a DES style cryptosystem. These permutations provide the diffusion component in a substitution-permutation network. Some empirical rules which seem to account for the derivation of the permutation used in the DES are first presented. Then it is noted that these permutations may be regarded as latin-squares which link the outputs of Sboxes to their inputs at the next stage. A subset of these with an extremely regular structure, and which perform well in a dependency analysis are then presented and suggested for use in future schemes of both current and extended versions of the DES.
A Generalised Testbed for Analysing Block and Stream Ciphers
- in Information Security, 1991
Cited by 1 (1 self)
With the recent development of a number of new ciphers, especially block ciphers, there is a need for a set of tools to help analyse them, in order to obtain some comparative measure of their relative security, and to assist in identifying any shortcomings in their design. This project uses a number of tests to provide a better determination of a cipher's capabilities than previous attempts, and incorporates them into a framework to aid extension of the testbed, through both the addition of new ciphers, and new tests. The testbed will be used for a comparative analysis of some of the new families of block ciphers, including LOKI, FEAL, Khufu, Khafre, and KSX against the older generation which includes Lucifer and DES. Some preliminary results from this analysis on DES, FEAL, and LOKI are presented here.
1 Introduction
With the increasing need for new ciphers for use in new communications systems, a number of new ciphers, particularly block ciphers, have been developed. There is a need...
Revisiting Key Schedule’s Diffusion In Relation With Round Function’s Diffusion
Abstract. We study the weakness of key schedules from an observation: many existing attacks use the fact that the key schedules poorly distribute key bits in the diffusion path of round function. This reminds us of the importance of the diffusion’s relation between key schedule and round function. We present new cryptanalysis results by exploring such diffusion relation and propose a new criterion for necessary key schedule diffusion. We discuss potential attacks and summarize the causes for key schedules without satisfying this criterion. One major cause is that overlapping between the diffusion of key schedule and round function leads to information leakage of key bits. Finally, a measure to estimate our criterion for recursive key schedules is presented. Today designing key schedule still lacks practical and necessary principles. For a practical key schedule with limited diffusion, our work adds more insight to its requirements and helps to maximize the security level.

