In 2011, Gregor Leander et al. found a new type of attack against lightweight block ciphers, called invariant attacks. Four years later, this class of attacks was generalized by Todo and Leander into nonlinear invariant attacks. It also turned out that many lightweight block ciphers were vulnerable to invariant attacks.
In the first part of the talk, we will see how to prove that existing ciphers resist this class of attacks.
In the second part of the talk, we show how to construct block ciphers that resist nonlinear invariant attacks by choosing an appropriate linear layer and round constants, leading to a new design criterion for block ciphers.