Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Rotational Differential-Linear Distinguishers of ARX Ciphers with Arbitrary Output Linear Masks

  • Conference paper
  • First Online:
Advances in Cryptology – CRYPTO 2022 (CRYPTO 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13507))

Included in the following conference series:

Abstract

The rotational differential-linear attacks, proposed at EUROCRYPT 2021, is a generalization of differential-linear attacks by replacing the differential part of the attacks with rotational differentials. At EUROCRYPT 2021, Liu et al. presented a method based on Morawiecki et al.’s technique (FSE 2013) for evaluating the rotational differential-linear correlations for the special cases where the output linear masks are unit vectors. With this method, some powerful (rotational) differential-linear distinguishers with output linear masks being unit vectors against FRIET, Xoodoo, and Alzette were discovered. However, how to compute the rotational differential-linear correlations for arbitrary output masks was left open. In this work, we partially solve this open problem by presenting an efficient algorithm for computing the (rotational) differential-linear correlation of modulo additions for arbitrary output linear masks, based on which a technique for evaluating the (rotational) differential-linear correlation of ARX ciphers is derived. We apply the technique to Alzette, SipHash, ChaCha, and SPECK. As a result, significantly improved (rotational) differential-linear distinguishers including deterministic ones are identified. All results of this work are practical and experimentally verified to confirm the validity of our methods. In addition, we try to explain the experimental distinguishers employed in FSE 2008, FSE 2016, and CRYPTO 2020 against ChaCha. The predicted correlations are close to the experimental ones.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Abed, F., List, E., Lucks, S., Wenzel, J.: Differential cryptanalysis of round-reduced Simon and Speck. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 525–545. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46706-0_27

    Chapter  Google Scholar 

  2. Ashur, T., Liu, Y.: Rotational cryptanalysis in the presence of constants. IACR Trans. Symmetric Cryptol. 2016(1), 57–70 (2016)

    Article  Google Scholar 

  3. Aumasson, J.-P., Bernstein, D.J.: SipHash: a fast short-input PRF. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 489–508. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34931-7_28

    Chapter  Google Scholar 

  4. Aumasson, J.-P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of Latin dances: analysis of Salsa, ChaCha, and Rumba. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 470–488. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71039-4_30

    Chapter  Google Scholar 

  5. Aumasson, J.-P., Henzen, L., Meier, W., Phan, R.C.-W.: SHA-3 proposal BLAKE. Submission to NIST (2010)

    Google Scholar 

  6. Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. IACR Cryptology ePrint Archive, p. 404 (2013)

    Google Scholar 

  7. Beierle, C., et al.: Alzette: a 64-bit ARX-box - (Feat. CRAX and TRAX). In: Advances in Cryptology - CRYPTO 2020–40th Annual International Cryptology Conference, CRYPTO 2020, 17–21 August 2020, Proceedings, Part III, pp. 419–448 (2020)

    Google Scholar 

  8. Beierle, C., et al.: Lightweight AEAD and hashing using the SPARKLE permutation family. IACR Trans. Symmetric Cryptol. 2020(S1), 208–261 (2020)

    Article  Google Scholar 

  9. Beierle, C., Leander, G., Todo, Y.: Improved differential-linear attacks with applications to ARX ciphers. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part III. LNCS, vol. 12172, pp. 329–358. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56877-1_12

    Chapter  Google Scholar 

  10. Bernstein, D.J.: ChaCha, a variant of Salsa20. In: Workshop Record of SASC, vol. 8, pp. 3–5 (2008)

    Google Scholar 

  11. Bernstein, D.J.: The Salsa20 family of stream ciphers. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 84–97. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68351-3_8

    Chapter  Google Scholar 

  12. Biryukov, A., Velichkov, V.: Automatic search for differential trails in ARX ciphers. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 227–250. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-04852-9_12

    Chapter  Google Scholar 

  13. Biryukov, A., Velichkov, V., Le Corre, Y.: Automatic search for the best trails in ARX: application to block cipher Speck. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 289–310. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-52993-5_15

    Chapter  Google Scholar 

  14. Choudhuri, A.R., Maitra, S.: Significantly improved multi-bit differentials for reduced round Salsa and ChaCha. IACR Trans. Symmetric Cryptol. 2016(2), 261–287 (2016)

    Google Scholar 

  15. Coutinho, M., Souza Neto, T.C.: Improved linear approximations to ARX ciphers and attacks against ChaCha. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021, Part I. LNCS, vol. 12696, pp. 711–740. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77870-5_25

    Chapter  Google Scholar 

  16. Wheeler, D.J., Needham, R.M.: TEA, a tiny encryption algorithm. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 363–366. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-60590-8_29

    Chapter  Google Scholar 

  17. Dey, S., Dey, C., Sarkar, S., Meier, W.: Revisiting cryptanalysis on ChaCha from Crypto 2020 and Eurocrypt 2021. IACR Cryptology ePrint Archive, p. 1059 (2021)

    Google Scholar 

  18. Dinu, D., Le Corre, Y., Khovratovich, D., Perrin, L., Großschädl, J., Biryukov, A.: Triathlon of lightweight block ciphers for the Internet of things. J. Cryptogr. Eng. 9(3), 283–302 (2019)

    Article  Google Scholar 

  19. Dinu, D., Perrin, L., Udovenko, A., Velichkov, V., Großschädl, J., Biryukov, A.: Design strategies for ARX with provable bounds: Sparx and LAX. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016, Part I. LNCS, vol. 10031, pp. 484–513. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53887-6_18

    Chapter  Google Scholar 

  20. Dobraunig, C., Mendel, F., Schläffer, M.: Differential cryptanalysis of SipHash. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 165–182. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13051-4_10

    Chapter  Google Scholar 

  21. ElSheikh, M., Abdelkhalek, A., Youssef, A.M.: On MILP-based automatic search for differential trails through modular additions with application to Bel-T. In: Buchmann, J., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2019. LNCS, vol. 11627, pp. 273–296. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-23696-0_14

    Chapter  Google Scholar 

  22. Ferguson, N., et al.: The Skein Hash Function Family. Submission to NIST (2010)

    Google Scholar 

  23. Fu, K., Wang, M., Guo, Y., Sun, S., Hu, L.: MILP-based automatic search algorithms for differential and linear trails for Speck. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 268–288. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-52993-5_14

    Chapter  Google Scholar 

  24. Hong, D., Lee, J.-K., Kim, D.-C., Kwon, D., Ryu, K.H., Lee, D.-G.: LEA: a 128-bit block cipher for fast encryption on common processors. In: Kim, Y., Lee, H., Perrig, A. (eds.) WISA 2013. LNCS, vol. 8267, pp. 3–27. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-05149-9_1

    Chapter  Google Scholar 

  25. Hong, D., et al.: HIGHT: a new block cipher suitable for low-resource device. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 46–59. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_4

    Chapter  Google Scholar 

  26. Kim, D., Kwon, D., Song, J.: Efficient computation of boomerang connection probability for ARX-based block ciphers with application to SPECK and LEA. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 103-A(4), 677–685 (2020)

    Google Scholar 

  27. Leurent, G.: https://who.paris.inria.fr/Gaetan.Leurent/arxtools.html

  28. Leurent, G.: Analysis of differential attacks in ARX constructions. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 226–243. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_15

    Chapter  Google Scholar 

  29. Leurent, G.: Construction of differential characteristics in ARX designs application to Skein. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 241–258. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_14

    Chapter  Google Scholar 

  30. Leurent, G.: Improved differential-linear cryptanalysis of 7-Round Chaskey with partitioning. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part I. LNCS, vol. 9665, pp. 344–371. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_14

    Chapter  Google Scholar 

  31. Lipmaa, H., Moriai, S.: Efficient algorithms for computing differential properties of addition. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 336–350. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45473-X_28

    Chapter  Google Scholar 

  32. Liu, Y., Sun, S., Li, C.: Rotational cryptanalysis from a differential-linear perspective. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021, Part I. LNCS, vol. 12696, pp. 741–770. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77870-5_26

    Chapter  Google Scholar 

  33. Liu, Y., De Witte, G., Ranea, A., Ashur, T.: Rotational-XOR cryptanalysis of reduced-round SPECK. IACR Trans. Symmetric Cryptol. 2017(3), 24–36 (2017)

    Article  Google Scholar 

  34. Morawiecki, P., Pieprzyk, J., Srebrny, M.: Rotational cryptanalysis of round-reduced Keccak. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 241–262. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43933-3_13

    Chapter  Google Scholar 

  35. Mouha, N., Mennink, B., Van Herrewege, A., Watanabe, D., Preneel, B., Verbauwhede, I.: Chaskey: an efficient MAC algorithm for 32-bit microcontrollers. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 306–323. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13051-4_19

    Chapter  Google Scholar 

  36. Mouha, N., Preneel, B.: Towards finding optimal differential characteristics for ARX: application to Salsa20. Cryptology ePrint Archive, Report 2013/328 (2013). https://ia.cr/2013/328

  37. Mouha, N., Velichkov, V., De Cannière, C., Preneel, B.: The differential analysis of S-functions. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 36–56. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19574-7_3

    Chapter  Google Scholar 

  38. National Institute of Standards and Technology. Preliminary state standard of republic of Belarus (STBP 34.101.312011) (2011). https://apmi.bsu.by/assets/files/std/belt-spec27.pdf

  39. Niu, Z., Sun, S., Liu, Y., Li, C.: Rotational differential-linear distinguishers of ARX ciphers with arbitrary output linear masks (2022). https://eprint.iacr.org/2022/765

  40. Nyberg, K., Wallén, J.: Improved linear distinguishers for SNOW 2.0. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 144–162. Springer, Heidelberg (2006). https://doi.org/10.1007/11799313_10

    Chapter  Google Scholar 

  41. Needham, R.M., Wheeler, D.J.: TEA extensions. Report, Cambridge University (1997)

    Google Scholar 

  42. Shimizu, A., Miyaguchi, S.: Fast data encipherment algorithm FEAL. In: Chaum, D., Price, W.L. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 267–278. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-39118-5_24

    Chapter  Google Scholar 

  43. Song, L., Huang, Z., Yang, Q.: Automatic differential analysis of ARX block ciphers with application to SPECK and LEA. In: Liu, J.K., Steinfeld, R. (eds.) ACISP 2016, Part II. LNCS, vol. 9723, pp. 379–394. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-40367-0_24

    Chapter  Google Scholar 

  44. Wallén, Johan: Linear approximations of addition modulo 2n. In: Johansson, Thomas (ed.) FSE 2003. LNCS, vol. 2887, pp. 261–273. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-39887-5_20

  45. Xu, Y., Wu, B., Lin, D.: Rotational-linear attack: a new framework of cryptanalysis on ARX ciphers with applications to Chaskey. In: Gao, D., Li, Q., Guan, X., Liao, X. (eds.) ICICS 2021, Part II. LNCS, vol. 12919, pp. 192–209. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-88052-1_12

    Chapter  Google Scholar 

Download references

Acknowledgment

We thank the reviewers for their valuable comments. This work is supported by the National Key Research and Development Program of China (2018YFA0704704), the Natural Science Foundation of China (62032014), and the Fundamental Research Funds for the Central Universities.

Author information

Authors and Affiliations

  1. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Zhongfeng Niu & Yunwen Liu

  2. School of Cryptology, University of Chinese Academy of Sciences, Beijing, China

    Zhongfeng Niu, Siwei Sun & Yunwen Liu

  3. School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China

    Zhongfeng Niu & Yunwen Liu

  4. College of Liberal Arts and Science, National University of Defense Technology, Changsha, China

    Yunwen Liu & Chao Li

  5. State Key Laboratory of Cryptology, P.O. Box 5159, Beijing, 100878, China

    Siwei Sun & Yunwen Liu

Authors
  1. Zhongfeng Niu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Siwei Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yunwen Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chao Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Siwei Sun .

Editor information

Editors and Affiliations

  1. New York University, New York, NY, USA

    Yevgeniy Dodis

  2. University of Florida, Gainesville, FL, USA

    Thomas Shrimpton

Rights and permissions

Reprints and permissions

Copyright information

© 2022 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Niu, Z., Sun, S., Liu, Y., Li, C. (2022). Rotational Differential-Linear Distinguishers of ARX Ciphers with Arbitrary Output Linear Masks. In: Dodis, Y., Shrimpton, T. (eds) Advances in Cryptology – CRYPTO 2022. CRYPTO 2022. Lecture Notes in Computer Science, vol 13507. Springer, Cham. https://doi.org/10.1007/978-3-031-15802-5_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-15802-5_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-15801-8

  • Online ISBN: 978-3-031-15802-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation