Security evaluation on type‐1 and type‐1‐like 4‐branch generalized Feistel structures and application to reduced‐round Lesamnta‐LW‐BC

Abstract Generalized Feistel structures (called GFSs for short) are one of the most popular block cipher structures. They are mainly divided into type‐1, type‐2 and type‐3 GFS. Among them, type‐1 and type‐1‐like ones attracted much attention during the past decades because of the simple design and high implementation efficiency. In this paper, the security of the type‐1 and type‐1‐like 4‐branch GFS with substitution permutation round functions against the impossible differential attack are evaluated. For these two structures, 21‐round impossible differential distinguishers are constructed when the linear layers P satisfy γ(P) ≥ 2, where γ(P) denotes the primitive index of P. Especially, when γ(P) = 2, the 21‐round distinguisher of the type‐1 structure is one round longer than before. Furthermore, for a specific block cipher Lesamnta‐LW‐BC, which takes the type‐1‐like structure, by exploiting the details of the linear layer, a better 21‐round impossible differential distinguisher is constructed, which contains more impossible differentials than before. With this distinguisher, a 27‐round impossible differential attack on Lesamnta‐LW‐BC is performed. The length of this attack is 8 rounds longer than the previous best one. Our results can provide guidance for designing and analysing the type‐1 and type‐1‐like GFS as well as the specific block ciphers which take the structures.