Rotational Cryptanalysis in the Presence of Constants

Bibliographic Details
Main Authors: Tomer Ashur, Yunwen Liu
Format: Article
Language: English
Published: Ruhr-Universität Bochum 2016-12-01
Series: IACR Transactions on Symmetric Cryptology
Subjects: ARX
Online Access: https://tosc.iacr.org/index.php/ToSC/article/view/535
DOI: 10.13154/tosc.v2016.i1.57-70
Pages: 57-70
Affiliations:
Tomer Ashur: Dept. Electrical Engineering (ESAT), KU Leuven and iMinds, Leuven
Yunwen Liu: Dept. Electrical Engineering (ESAT), KU Leuven and iMinds, Leuven; College of Science, National University of Defense Technology, Changsha
Description: Rotational cryptanalysis is a statistical method for attacking ARX constructions. It was previously shown that ARX-C, i.e., ARX with the injection of constants can be used to implement any function. In this paper we investigate how rotational cryptanalysis is affected when constants are injected into the state. We introduce the notion of an RX-difference, generalizing the idea of a rotational difference. We show how RX-differences behave around modular addition, and give a formula to calculate their transition probability. We experimentally verify the formula using Speck32/64, and present a 7-round distinguisher based on RX-differences. We then discuss two types of constants: round constants, and constants which are the result of using a fixed key, and provide recommendations to designers for optimal choice of parameters.
Topics: Rotational cryptanalysis, ARX, RX-difference