Abstract

In this paper we describe a new tool to search for boomerang distinguishers. One limitation of the MILP model of Liu et al. is that it handles only one round for the middle part while Song et al. have shown that dependencies could affect much more rounds, for instance up to 6 rounds for SKINNY. Thus we describe a new approach to turn an MILP model to search for truncated characteristics into an MILP model to search for truncated boomerang characteristics automatically handling the middle rounds. We then show a new CP model to search for the best possible instantiations to identify good boomerang distinguishers. Finally we systematized the method initiated by Song et al. to precisely compute the probability of a boomerang. As a result, we found many new boomerang distinguishers up to 24 rounds in the TK3 model. In particular, we improved by a factor 230 the probability of the best known distinguisher against 18-round SKINNY-128/256.

Highlights

  • Differential cryptanalysis is one of the most powerful cryptanalysis techniques

  • We propose a new Constraint Programming (CP) model to search for the best instantiation of a truncated boomerang characteristic

  • Assuming an MILP model to search for truncated differential characteristics on this cipher, we show how to turn it into an MILP model to search for truncated boomerang characteristics

Read more

Summary

Introduction

Differential cryptanalysis is one of the most powerful cryptanalysis techniques. It was proposed by Biham and Shamir in [BS91] and has generated much attention since . The classical approach is to first search for two short characteristics with high probability and to combine them We believe this approach should be deprecated since the dependency in the middle rounds may hugely affect the probability of the distinguisher and it seems sub-optimal to search for both the lower and upper differentials independently. A more generic approach was proposed in [LS19], where Liu et al describe an MILP model to directly search for the best boomerang distinguisher against the block cipher GIFT. We propose a new Constraint Programming (CP) model to search for the best instantiation of a truncated boomerang characteristic.

Properties on the EBCT
SKINNY
Computing Probability
Clusters
Generation of the formula
Propagates the zeros from the initial differences:2
Automated tool
MILP Model to Search for Truncated Boomerangs
Objective Function
Application to SKINNY
Optimizations
Limitations
CP Model
Finding Characteristics
Precise Cluster Analysis
Experimental Results
Conclusion
A Dependence sets of SKINNY
B Boomerang characteristic on TK3 24 rounds 128 bits
C Proof of Property 1

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Boomerang Connectivity Table Revisited. Application to SKINNY and AES
Ling Song ... Lei Hu
IACR Transactions on Symmetric Cryptology | VOL. -
Ling Song, et. al.Ling Song ... Lei Hu
08 Mar 2019
Boomerang Connectivity Table Revisited. Application to SKINNY and AES
...
-
, et. al. ...
08 Mar 2019
Revisiting Related-Key Boomerang Attacks on AES Using Computer-Aided Tool
Patrick Derbez ... Pierre-Alain Fouque
-
Patrick Derbez, et. al.Patrick Derbez ... Pierre-Alain Fouque
01 Jan 2021
An efficient MILP model for the short-term scheduling of single stage batch plants
Pedro M Castro ... Ignacio E Grossmann
Computers and Chemical Engineering | VOL. 30
Pedro M Castro, et. al.Pedro M Castro ... Ignacio E Grossmann
05 Apr 2006
View more papers

More From: IACR Transactions on Symmetric Cryptology

Paper Title
Journal
Date
Author
Finding Complete Impossible Differential Attacks on AndRX Ciphers and Efficient Distinguishers for ARX Designs
Debasmita Chakraborty ... Hosein Hadipour
IACR Transactions on Symmetric Cryptology | VOL. 2024
Debasmita Chakraborty, et. al.Debasmita Chakraborty ... Hosein Hadipour
06 Sep 2024
Monolith: Circuit-Friendly Hash Functions with New Nonlinear Layers for Fast and Constant-Time Implementations
Lorenzo Grassi ... Dmitry Khovratovich
IACR Transactions on Symmetric Cryptology | VOL. 2024
Lorenzo Grassi, et. al.Lorenzo Grassi ... Dmitry Khovratovich
06 Sep 2024
Single-Query Quantum Hidden Shift Attacks
Xavier Bonnetain ... André Schrottenloher
IACR Transactions on Symmetric Cryptology | VOL. 2024
Xavier Bonnetain, et. al.Xavier Bonnetain ... André Schrottenloher
06 Sep 2024
Addendum to Classification of All t-Resilient Boolean Functions with t + 4 Variables
Shahram Rasoolzadeh
IACR Transactions on Symmetric Cryptology | VOL. 2024
Shahram RasoolzadehShahram Rasoolzadeh
06 Sep 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.