Chapter

Fast Software Encryption

Volume 6733 of the series Lecture Notes in Computer Science pp 342-358

The Additive Differential Probability of ARX

  • Vesselin Velichkov (Lancaster University; Department of Electrical Engineering ESAT/SCD-COSIC, Katholieke Universiteit Leuven; Interdisciplinary Institute for BroadBand Technology (IBBT))
  • Nicky Mouha (Lancaster University; Department of Electrical Engineering ESAT/SCD-COSIC, Katholieke Universiteit Leuven; Interdisciplinary Institute for BroadBand Technology (IBBT))
  • Christophe De Cannière (Lancaster University; Department of Electrical Engineering ESAT/SCD-COSIC, Katholieke Universiteit Leuven; Interdisciplinary Institute for BroadBand Technology (IBBT))
  • Bart Preneel (Lancaster University; Department of Electrical Engineering ESAT/SCD-COSIC, Katholieke Universiteit Leuven; Interdisciplinary Institute for BroadBand Technology (IBBT))

Abstract

We analyze \(\mathrm{adp}^\texttt{ARX}\), the probability with which additive differences propagate through the following sequence of operations: modular addition, bit rotation and XOR (ARX). We propose an algorithm to evaluate \(\mathrm{adp}^\texttt{ARX}\) with time complexity linear in the word size. This algorithm is based on the recently proposed concept of S-functions. Because of the bit rotation operation, it was necessary to extend the S-functions framework. We show that \(\mathrm{adp}^\texttt{ARX}\) can differ significantly from the product of the differential probabilities of the individual components. To the best of our knowledge, this paper is the first to propose an efficient algorithm to calculate \(\mathrm{adp}^\texttt{ARX}\). Accurate calculations of differential probabilities are necessary to evaluate the resistance of cryptographic primitives against differential cryptanalysis. Our method can be applied to find more accurate differential characteristics for ARX-based constructions.
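The abstract's claim that \(\mathrm{adp}^\texttt{ARX}\) need not equal the product of the component probabilities can be checked exhaustively for tiny word sizes. The following is an added example, not the paper's linear-time S-function algorithm: it assumes the ARX operation is \(((a + b) \bmod 2^n) \lll r\) XORed with \(d\), with additive differences \(\alpha, \beta, \gamma\) on \(a, b, d\), and it takes the "component product" to mean chaining the rotation and XOR probabilities as if their differences were independent (an assumption of this example, summed over the intermediate difference).

```python
from fractions import Fraction
from itertools import product

def rotl(x, r, n):
    """Rotate the n-bit word x left by r positions."""
    r %= n
    mask = (1 << n) - 1
    return ((x << r) | (x >> (n - r))) & mask

def arx(a, b, d, r, n):
    """ARX as assumed here: ((a + b) mod 2^n) <<< r, then XOR with d."""
    mask = (1 << n) - 1
    return rotl((a + b) & mask, r, n) ^ d

def adp_arx(alpha, beta, gamma, delta, r, n):
    """adp^ARX by exhaustive search over uniform (a, b, d); exact Fraction."""
    mask = (1 << n) - 1
    hits = 0
    for a, b, d in product(range(1 << n), repeat=3):
        y1 = arx(a, b, d, r, n)
        y2 = arx((a + alpha) & mask, (b + beta) & mask, (d + gamma) & mask, r, n)
        hits += (y2 - y1) & mask == delta
    return Fraction(hits, 1 << (3 * n))

def adp_rot(sigma, rho, r, n):
    """Additive difference sigma through rotation: Pr_s[(s+sigma)<<<r - s<<<r = rho]."""
    mask = (1 << n) - 1
    hits = sum((rotl((s + sigma) & mask, r, n) - rotl(s, r, n)) & mask == rho
               for s in range(1 << n))
    return Fraction(hits, 1 << n)

def adp_xor(rho, gamma, delta, n):
    """Additive differences (rho, gamma) through XOR, over uniform (t, d)."""
    mask = (1 << n) - 1
    hits = sum(((((t + rho) & mask) ^ ((d + gamma) & mask)) - (t ^ d)) & mask == delta
               for t in range(1 << n) for d in range(1 << n))
    return Fraction(hits, 1 << (2 * n))

def adp_product(alpha, beta, gamma, delta, r, n):
    """Component-wise estimate: addition maps (alpha, beta) to sigma = alpha + beta
    with probability 1; rotation and XOR are then chained as if independent."""
    sigma = (alpha + beta) & ((1 << n) - 1)
    return sum(adp_rot(sigma, rho, r, n) * adp_xor(rho, gamma, delta, n)
               for rho in range(1 << n))

def max_gap(alpha, beta, gamma, r, n):
    """Largest |adp^ARX - component product| over all output differences delta."""
    return max(abs(adp_arx(alpha, beta, gamma, delta, r, n)
                   - adp_product(alpha, beta, gamma, delta, r, n))
               for delta in range(1 << n))
```

With r = 0 the rotation is the identity and the two agree exactly; with a non-zero rotation the component product assigns non-zero probability to output differences that the real ARX map never produces (for n = 4, r = 1, alpha = 8, delta = 3 is one such case).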

Keywords

Additive differential probability, differential cryptanalysis, symmetric-key, ARX