
Parity (XOR) Reasoning for the Index Calculus Attack

Conference paper. In: Principles and Practice of Constraint Programming (CP 2020). Part of the book series Lecture Notes in Computer Science (LNPSE, volume 12333).

Abstract

Cryptographic problems can often be reduced to solving Boolean polynomial systems, whose equivalent logical formulas can be treated using SAT solvers. Given the algebraic nature of the problem, the use of the logical XOR operator is common in SAT-based cryptanalysis. Recent works have focused on advanced techniques for handling parity (XOR) constraints, such as the Gaussian Elimination technique. First, we propose an original XOR-reasoning SAT solver, named WDSat (Weil Descent SAT solving), dedicated to a specific cryptographic problem. Second, we show that in some cases Gaussian Elimination on SAT instances does not work as well as Gaussian Elimination on algebraic systems. We demonstrate how this oversight is fixed in our solver, which is adapted to read instances in algebraic normal form (ANF). Finally, we propose a novel preprocessing technique based on the Minimal Vertex Cover Problem in graph theory. Within the framework of multivariate Boolean polynomial systems, this preprocessing technique is used as a DLL branching selection rule that leads to quick linearization of the underlying algebraic system. Our benchmarks use a model obtained from cryptographic instances for which a significant speedup is achieved using the findings in this paper. We further explain how our preprocessing technique can be used as an assessment of the security of a cryptographic system.


Notes

  1. Our C code for generating these instances is publicly available [28].

  2. Enabling GE in CryptoMiniSat yielded better performance for these benchmarks.

References

  1. Audemard, G., Simon, L.: Predicting learnt clauses quality in modern SAT solvers. In: IJCAI 2009, Proceedings of the 21st International Joint Conference on Artificial Intelligence, Pasadena, California, USA, 11–17 July 2009, pp. 399–404 (2009). http://ijcai.org/Proceedings/09/Papers/074.pdf

  2. Bettale, L., Faugère, J., Perret, L.: Hybrid approach for solving multivariate systems over finite fields. J. Math. Cryptol. 3(3), 177–197 (2009). https://doi.org/10.1515/JMC.2009.009


  3. Biere, A.: CaDiCaL simplified satisfiability solver. http://fmv.jku.at/cadical/. Accessed 27 May 2020

  4. BlueKrypt: Cryptographic key length recommendation (2018). https://www.keylength.com. Accessed 27 May 2020

  5. Bosma, W., Cannon, J., Playoust, C.: The Magma algebra system. I. The user language. J. Symb. Comput. 24(3–4), 235–265 (1997). https://doi.org/10.1006/jsco.1996.0125


  6. Bouillaguet, C., et al.: Fast exhaustive search for polynomial systems in \({\mathbb{F}_2}\). In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 203–218. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15031-9_14


  7. Choo, D., Soos, M., Chai, K.M.A., Meel, K.S.: Bosphorus: bridging ANF and CNF solvers. In: Design, Automation & Test in Europe Conference & Exhibition, DATE 2019, Florence, Italy, 25–29 March 2019, pp. 468–473 (2019). https://doi.org/10.23919/DATE.2019.8715061

  8. Davis, M., Logemann, G., Loveland, D.: A machine program for theorem-proving. Commun. ACM 5(7), 394–397 (1962). https://doi.org/10.1145/368273.368557


  9. Cannière, C.: Trivium: a stream cipher construction inspired by block cipher design principles. In: Katsikas, S.K., López, J., Backes, M., Gritzalis, S., Preneel, B. (eds.) ISC 2006. LNCS, vol. 4176, pp. 171–186. Springer, Heidelberg (2006). https://doi.org/10.1007/11836810_13


  10. Diem, C.: On the discrete logarithm problem in elliptic curves. Compositio Mathematica 147(1), 75–104 (2011). https://doi.org/10.1112/S0010437X10005075


  11. Eén, N., Sörensson, N.: An extensible SAT-solver. In: Giunchiglia, E., Tacchella, A. (eds.) SAT 2003. LNCS, vol. 2919, pp. 502–518. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24605-3_37


  12. Faugère, J.C.: A new efficient algorithm for computing Gröbner basis (F4). J. Pure Appl. Algebra 139(1–3), 61–88 (1999). https://doi.org/10.1145/780506.780516


  13. Faugère, J.-C., Perret, L., Petit, C., Renault, G.: Improving the complexity of index calculus algorithms in elliptic curves over binary fields. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 27–44. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_4


  14. Galbraith, S.D., Gebregiyorgis, S.W.: Summation polynomial algorithms for elliptic curves in characteristic two. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 409–427. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13039-2_24


  15. Gaudry, P.: Index calculus for Abelian varieties of small dimension and the elliptic curve discrete logarithm problem. J. Symb. Comput. 44(12), 1690–1702 (2009). https://doi.org/10.1016/j.jsc.2008.08.005


  16. Gérault, D., Lafourcade, P., Minier, M., Solnon, C.: Revisiting AES related-key differential attacks with constraint programming. Inf. Process. Lett. 139, 24–29 (2018). https://doi.org/10.1016/j.ipl.2018.07.001


  17. Gerault, D., Lafourcade, P., Minier, M., Solnon, C.: Computing AES related-key differential characteristics with constraint programming. Artif. Intell. 278, 103183 (2020). https://doi.org/10.1016/j.artint.2019.103183


  18. Gerault, D., Minier, M., Solnon, C.: Using constraint programming to solve a cryptanalytic problem. In: Sierra, C. (ed.) Proceedings of the Twenty-Sixth International Joint Conference on Artificial Intelligence, IJCAI 2017, Melbourne, Australia, 19–25 August 2017, pp. 4844–4848. ijcai.org (2017). https://doi.org/10.24963/ijcai.2017/679

  19. Lidl, R., Niederreiter, H.: Introduction to Finite Fields and Their Applications. Cambridge University Press, Cambridge (1986)


  20. Liu, F., Cruz, W., Ma, C., Johnson, G., Michel, L.: A tolerant algebraic side-channel attack on AES using CP. In: Beck, J.C. (ed.) CP 2017. LNCS, vol. 10416, pp. 189–205. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66158-2_13


  21. Liu, F., Cruz, W., Michel, L.: A complete tolerant algebraic side-channel attack for AES with CP. In: Hooker, J. (ed.) CP 2018. LNCS, vol. 11008, pp. 259–275. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98334-9_18


  22. van Maaren, H., Franco, J.: The International SAT Competition Web Page. http://www.satcompetition.org/. Accessed 27 May 2020

  23. Nadel, A., Ryvchin, V.: Chronological backtracking. In: Beyersdorff, O., Wintersteiger, C.M. (eds.) SAT 2018. LNCS, vol. 10929, pp. 111–121. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-94144-8_7


  24. Petit, C., Quisquater, J.-J.: On polynomial systems arising from a Weil descent. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 451–466. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_28


  25. Semaev, I.A.: Summation polynomials and the discrete logarithm problem on elliptic curves. IACR Cryptology ePrint Archive 2004, 31 (2004). http://eprint.iacr.org/2004/031

  26. Soos, M.: Grain of salt – an automated way to test stream ciphers through SAT solvers. In: Tools’10: The Workshop on Tools for Cryptanalysis 2010, London, United Kingdom, pp. 131–144, June 2010. https://hal.archives-ouvertes.fr/hal-01288922

  27. Soos, M., Nohl, K., Castelluccia, C.: Extending SAT solvers to cryptographic problems. In: Kullmann, O. (ed.) SAT 2009. LNCS, vol. 5584, pp. 244–257. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02777-2_24


  28. Trimoska, M., Ionica, S., Dequen, G.: EC index calculus benchmarks (2020). https://github.com/mtrimoska/EC-Index-Calculus-Benchmarks

  29. Trimoska, M., Ionica, S., Dequen, G.: WDSat solver (2020). https://github.com/mtrimoska/WDSat


Corresponding author: Monika Trimoska.


Copyright information

© 2020 Springer Nature Switzerland AG


Cite this paper

Trimoska, M., Ionica, S., Dequen, G. (2020). Parity (XOR) Reasoning for the Index Calculus Attack. In: Simonis, H. (ed.) Principles and Practice of Constraint Programming. CP 2020. Lecture Notes in Computer Science, vol. 12333. Springer, Cham. https://doi.org/10.1007/978-3-030-58475-7_45


  • DOI: https://doi.org/10.1007/978-3-030-58475-7_45


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-58474-0

  • Online ISBN: 978-3-030-58475-7
