Evolutionary Computation Techniques for Constructing SAT-Based Attacks in Algebraic Cryptanalysis

  • Artem PavlenkoEmail author
  • Alexander Semenov
  • Vladimir Ulyantsev
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11454)


In this paper we present the results on applying evolutionary computation techniques to construction of several cryptographic attacks. In particular, SAT-based guess-and-determine attacks studied in the context of algebraic cryptanalysis. Each of these attacks is built upon some set of Boolean variables, thus it can be specified by a Boolean vector. We use two general evolutionary strategies to find an optimal vector: (1+1)-EA and GA. Based on these strategies parallel algorithms (based on modern SAT-solvers) for solving the problem of minimization of a special pseudo-Boolean function are implemented. This function is a fitness function used to evaluate the runtime of a guess-and-determine attack. We compare the efficiency of (1+1)-EA and GA with the algorithm from the Tabu search class, that was earlier used to solve related problems. Our GA-based solution showed the best results on a number of test instances, namely, cryptanalysis problems of several stream ciphers (cryptographic keystream generators).


Algebraic cryptanalysis Guess-and-determine attack SAT Evolutionary computation 



The authors would like to thank Daniil Chivilikhin, Maxim Buzdalov and anonymous reviewers for useful comments.


  1. 1.
    Bard, G.V.: Algebraic Cryptanalysis. Springer, New York (2009). Scholar
  2. 2.
    Semenov, A., Zaikin, O.: Algorithm for finding partitionings of hard variants of boolean satisfiability problem with application to inversion of some cryptographic functions. SpringerPlus 5(1), 554 (2016)CrossRefGoogle Scholar
  3. 3.
    Semenov, A., Zaikin, O., Otpuschennikov, I., Kochemazov, S., Ignatiev, A.: On cryptographic attacks using backdoors for SAT. In: Proceedings of AAAI 2018, pp. 6641–6648 (2018)Google Scholar
  4. 4.
    Cook, S.A.: The complexity of theorem-proving procedures. In: Proceedings of the Third Annual ACM Symposium on Theory of Computing, pp. 151–158. ACM (1971)Google Scholar
  5. 5.
    Biere, A., Heule, M., van Maaren, H., Walsh, T. (eds.): Handbook of Satisfiability, Frontiers in Artificial Intelligence and Applications, vol. 185. IOS Press (2009)Google Scholar
  6. 6.
    Anderson, R.: A5 (was: hacking digital phones). Newsgroup Communication (1994).
  7. 7.
    Gendrullis, T., Novotný, M., Rupp, A.: A real-world attack breaking A5/1 within hours. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 266–282. Springer, Heidelberg (2008). Scholar
  8. 8.
    Courtois, N.T., Bard, G.V.: Algebraic cryptanalysis of the data encryption standard. In: Galbraith, S.D. (ed.) Cryptography and Coding 2007. LNCS, vol. 4887, pp. 152–169. Springer, Heidelberg (2007). Scholar
  9. 9.
    Courtois, N.T., Gawinecki, J.A., Song, G.: Contradiction immunity and guess-then-determine attacks on GOST. Tatra Mountains Math. Publ. 53, 65–79 (2012)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Semenov, A., Zaikin, O., Bespalov, D., Posypkin, M.: Parallel logical cryptanalysis of the generator A5/1 in BNB-grid system. In: Malyshkin, V. (ed.) PaCT 2011. LNCS, vol. 6873, pp. 473–483. Springer, Heidelberg (2011). Scholar
  11. 11.
    Marques-Silva, J., Lynce, I., Malik, S.: Conflict-driven clause learning SAT solvers. In: Frontiers in Artificial Intelligence and Applications, vol. 85, pp. 131–153 (2009)Google Scholar
  12. 12.
    Boros, E., Hammer, P.L.: Pseudo-Boolean optimization. Discrete Appl. Math. 123(1–3), 155–225 (2002)MathSciNetCrossRefGoogle Scholar
  13. 13.
    King, J.C.: Symbolic execution and program testing. Commun. ACM 19(7), 385–394 (1976)MathSciNetCrossRefGoogle Scholar
  14. 14.
    Metropolis, N., Ulam, S.: The Monte Carlo method. J. Am. Stat. Assoc. 44(247), 335–341 (1949)CrossRefGoogle Scholar
  15. 15.
    Rudolph, G.: Convergence Properties of Evolutionary Algorithms. Verlag Dr. Kovac, Hamburg (1997)zbMATHGoogle Scholar
  16. 16.
    Williams, R., Gomes, C.P., Selman, B.: Backdoors to typical case complexity. In: IJCAI 2003, pp. 1173–1178 (2003)Google Scholar
  17. 17.
    Menezes, A.J., Vanstone, S.A., Oorschot, P.C.V.: Handbook of Applied Cryptography, 1st edn. CRC Press Inc., Boca Raton (1996)CrossRefGoogle Scholar
  18. 18.
    Nohl, K.: Attacking Phone Privacy, pp. 1–6. Black Hat, Las Vegas (2010)Google Scholar
  19. 19.
    Cannière, C.: Trivium: a stream cipher construction inspired by block cipher design principles. In: Katsikas, S.K., López, J., Backes, M., Gritzalis, S., Preneel, B. (eds.) ISC 2006. LNCS, vol. 4176, pp. 171–186. Springer, Heidelberg (2006). Scholar
  20. 20.
    Raddum, H.: Cryptanalytic Results on Trivium. eSTREAM, ECRYPT Stream Cipher Project, Report 2006/039 (2006)Google Scholar
  21. 21.
    Maximov, A., Biryukov, A.: Two trivial attacks on Trivium. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 36–55. Springer, Heidelberg (2007). Scholar
  22. 22.
    Eibach, T., Pilz, E., Völkel, G.: Attacking Bivium using SAT solvers. In: Kleine Büning, H., Zhao, X. (eds.) SAT 2008. LNCS, vol. 4996, pp. 63–76. Springer, Heidelberg (2008). Scholar
  23. 23.
    Eibach, T., Völkel, G., Pilz, E.: Optimising Gröbner bases on Bivium. Math. Comput. Sci. 3(2), 159–172 (2010)MathSciNetCrossRefGoogle Scholar
  24. 24.
    Soos, M., Nohl, K., Castelluccia, C.: Extending SAT solvers to cryptographic problems. In: Kullmann, O. (ed.) SAT 2009. LNCS, vol. 5584, pp. 244–257. Springer, Heidelberg (2009). Scholar
  25. 25.
    Huang, Z., Lin, D.: Attacking Bivium and Trivium with the characteristic set method. In: Nitaj, A., Pointcheval, D. (eds.) AFRICACRYPT 2011. LNCS, vol. 6737, pp. 77–91. Springer, Heidelberg (2011). Scholar
  26. 26.
    Castro Lechtaler, A., Cipriano, M., García, E., Liporace, J., Maiorano, A., Malvacio, E.: Model design for a reduced variant of a Trivium type stream cipher. J. Comput. Sci. Technol. 14(01), 55–58 (2014)Google Scholar
  27. 27.
    Teo, S.G., Wong, K.K.H., Bartlett, H., Simpson, L., Dawson, E.: Algebraic analysis of Trivium-like ciphers. In: Australasian Information Security Conference (ACSW-AISC 2014), vol. 149, pp. 77–81. Australian Computer Society (2014)Google Scholar
  28. 28.
    Günther, C.G.: Alternating step generators controlled by De Bruijn sequences. In: Chaum, D., Price, W.L. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 5–14. Springer, Heidelberg (1988). Scholar
  29. 29.
    Khazaei, S., Fischer, S., Meier, W.: Reduced complexity attacks on the alternating step generator. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 1–16. Springer, Heidelberg (2007). Scholar
  30. 30.
    Zeng, K., Yang, C.H., Rao, T.R.N.: On the Linear Consistency Test (LCT) in cryptanalysis with applications. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 164–174. Springer, New York (1990). Scholar
  31. 31.
    Zaikin, O., Kochemazov, S.: An improved SAT-based guess-and-determine attack on the alternating step generator. In: Nguyen, P., Zhou, J. (eds.) ISC 2017. LNCS, vol. 10599, pp. 21–38. Springer, Cham (2017). Scholar
  32. 32.
    Glover, F., Laguna, M.: Tabu Search. Kluwer Academic Publishers, Boston (1997)CrossRefGoogle Scholar
  33. 33.
    Yasumoto, T., Okuwaga, T.: ROKK 1.0.1. In: Belov, A., Diepold, D., Heule, M., Järvisalo, M. (eds.) SAT Competition 2014, p. 70 (2014)Google Scholar
  34. 34.
    Otpuschennikov, I., Semenov, A., Gribanova, I., Zaikin, O., Kochemazov, S.: Encoding cryptographic functions to SAT using TRANSALG system. In: ECAI 2016. FAIA, vol. 285, pp. 1594–1595 (2016)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Artem Pavlenko
    • 1
    Email author
  • Alexander Semenov
    • 2
  • Vladimir Ulyantsev
    • 1
  1. 1.ITMO UniversitySt. PetersburgRussia
  2. 2.Matrosov Institute for System Dynamics and Control Theory SB RASIrkutskRussia

Personalised recommendations