
Automated Truncation of Differential Trails and Trail Clustering in ARX

Conference paper
Selected Areas in Cryptography (SAC 2021)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13203)

Abstract

We propose a tool for automated truncation of differential trails in ciphers using modular addition, bitwise rotation, and XOR (ARX). The tool takes as input a differential trail and produces as output a set of truncated differential trails. The set represents all possible truncations of the input trail according to certain predefined rules. A linear-time algorithm for the exact computation of the differential probability of a truncated trail that follows the truncation rules is proposed. We further describe a method to merge the set of truncated trails into a compact set of non-overlapping truncated trails with associated probability, and we demonstrate the application of the tool to the block cipher Speck64.

We have also investigated the effect of clustering of differential trails around a fixed input trail. The best cluster that we have found for 15 rounds has probability \(2^{-55.03}\) (consisting of 389 unique output differences) which allows us to build a distinguisher using 128 times less data than the one based on just the single best trail, which has probability \(2^{-62}\). Moreover, we show examples for Speck64 where a cluster of trails around a suboptimal (in terms of probability) input trail results in higher overall probability compared to a cluster obtained around the best differential trail.
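An added example (not code from the paper or from the YAARX toolkit; all function names are mine): the exact XOR-differential probability of modular addition via the Lipmaa-Moriai formula, the standard linear-time building block for ARX trail probabilities, checked against brute force on 8-bit words, followed by the cluster sum and the data-complexity ratio behind the abstract's figures. The trail weights fed to the last two functions are constructed inputs, not the paper's Speck64 trails.

```python
import math


def xdp_add(alpha, beta, gamma, n):
    """xdp+(alpha, beta -> gamma): exact XOR-differential probability of n-bit
    modular addition, Lipmaa-Moriai formula, linear in n."""
    mask = (1 << n) - 1

    def eq(x, y, z):  # bit set where x, y and z all agree
        return (~x ^ y) & (~x ^ z) & mask

    a1, b1, g1 = (alpha << 1) & mask, (beta << 1) & mask, (gamma << 1) & mask
    if eq(a1, b1, g1) & (alpha ^ beta ^ gamma ^ b1):
        return 0.0  # impossible: a carry constraint is violated at some bit
    # every non-MSB bit where the three differences disagree costs a factor 1/2
    weight = bin(~eq(alpha, beta, gamma) & (mask >> 1)).count("1")
    return 2.0 ** -weight


def xdp_add_exhaustive(alpha, beta, gamma, n):
    """Brute-force reference for small n: fraction of (x, y) pairs whose sums differ by gamma."""
    mask = (1 << n) - 1
    hits = sum(1 for x in range(1 << n) for y in range(1 << n)
               if ((x + y) ^ ((x ^ alpha) + (y ^ beta))) & mask == gamma)
    return hits / (1 << (2 * n))


def trail_weight(additions, n):
    """-log2 probability of a trail, given the (alpha, beta, gamma) triple of each
    modular addition on it; rotations and XORs are linear and cost nothing
    (treating the additions as independent is the usual Markov assumption)."""
    total = 0.0
    for a, b, g in additions:
        p = xdp_add(a, b, g, n)
        if p == 0.0:
            return math.inf
        total -= math.log2(p)
    return total


def cluster_weight(trail_weights):
    """-log2 of the summed probability of trails sharing input and output difference."""
    return -math.log2(sum(2.0 ** -w for w in trail_weights))


def data_reduction_log2(single_trail_weight, cluster_w):
    """log2 of how many times fewer texts a distinguisher built on the cluster
    needs compared to one built on the single trail (data complexity ~ 1/p)."""
    return single_trail_weight - cluster_w
```

With the abstract's weights, `data_reduction_log2(62, 55.03)` is 6.97, i.e. a factor of about 2^7 = 128.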

This work was supported by the Luxembourg National Research Fund (FNR) projects FinCrypt (C17/IS/11684537) and SP\(^2\) (PRIDE15/10621687/SPsquared).


Notes

  1. https://github.com/vesselinux/yaarx/blob/master/txt/arxtrunc.pdf
  2. There can be more than one input trail, provided that they share the same input difference.
  3. In practical attacks the differential effect would increase these probabilities and make the distinguisher better.
  4. For Speck, this is a consequence of the Markov assumption.


Acknowledgements

The authors thank the anonymous reviewers for their time and for the insightful comments and corrections. Luan Cardoso dos Santos was supported by the Luxembourg National Research Fund project SP\(^2\) (PRIDE15/10621687/SPsquared). Daniel Feher and Giuseppe Vitto were supported by the Luxembourg National Research Fund project FinCrypt (C17/IS/11684537).

Alex Biryukov, Luan Cardoso dos Santos and Vesselin Velichkov made significant contributions to the sections on the simple rules for truncation (Sect. 3), probability computation using simple rules (Sect. 4) and merging of differential trails produced with simple rules (Sect. 5). Daniel Feher and Giuseppe Vitto made significant contributions to the sections on relaxed rules for truncation (Sect. 6), the statistical analysis of the distinguishing advantage (Sect. 8) and the best distinguisher for Speck64 (Sect. 9).

Author information

Corresponding author: Vesselin Velichkov


Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Biryukov, A., dos Santos, L.C., Feher, D., Velichkov, V., Vitto, G. (2022). Automated Truncation of Differential Trails and Trail Clustering in ARX. In: AlTawy, R., Hülsing, A. (eds) Selected Areas in Cryptography. SAC 2021. Lecture Notes in Computer Science, vol 13203. Springer, Cham. https://doi.org/10.1007/978-3-030-99277-4_14

  • DOI: https://doi.org/10.1007/978-3-030-99277-4_14

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-99276-7

  • Online ISBN: 978-3-030-99277-4

  • eBook Packages: Computer Science, Computer Science (R0)
