Skip to main content
SpringerLink
Log in

New Algorithm for Modeling S-box in MILP Based Differential and Division Trail Search

  • Conference paper
  • First Online:
Innovative Security Solutions for Information Technology and Communications (SecITC 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10543))

Included in the following conference series:

Abstract

This paper studies an automated differential-trail search against block ciphers in which the problem of finding the optimal trail is converted to one of finding the optimal solution in a mixed-integer-linear programming (MILP). The most difficult part is representing differential properties of an S-box, known as differential distribution table (DDT), with a system of inequalities. Previous work builds the system by using a general-purpose mathematical tool, SAGE Math. However, the generated system for general-purpose contains a lot of redundant inequalities for the purpose of differential-trail search, thus inefficient. Hence, an auxiliary algorithm was introduced to minimize the number of inequalities by hoping that it minimizes the runtime to solve the MILP. This paper proposes a new algorithm to improve this auxiliary algorithm. The main advantage is that while the previous algorithm does not ensure the minimum number of inequalities, the proposed algorithm does ensure it. Moreover it enables the users to choose the number of inequalities in the system. In addition, this paper experimentally shows that the above folklore “minimizing the number of inequalities minimizes the runtime” is not always correct. The proposed algorithm can also be used in the MILP-based division-trail search, which evaluates the bit-based division property for integral attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, New York (1993). doi:10.1007/978-1-4613-9314-6

    Book  MATH  Google Scholar 

  2. Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu, C.-K., Yung, M., Lin, D. (eds.) Inscrypt 2011. LNCS, vol. 7537, pp. 57–76. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34704-7_5

    Chapter  Google Scholar 

  3. Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). doi:10.1007/978-3-540-74735-2_31

    Chapter  Google Scholar 

  4. Grosso, V., Leurent, G., Standaert, F.-X., Varıcı, K.: LS-designs: bitslice encryption for efficient masked software implementations. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 18–37. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46706-0_2

    Google Scholar 

  5. Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (Related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 158–178. Springer, Heidelberg (2014). doi:10.1007/978-3-662-45611-8_9

    Google Scholar 

  6. Sun, S., Hu, L., Wang, M., Wang, P., Qiao, K., Ma, X., Shi, D., Song, L., Fu, K.: Towards finding the best characteristics of some bit-oriented block ciphers and automatic enumeration of (related-key) differential and linear characteristics with predefined properties. Cryptology ePrint Archive, Report 2014/747 (2014)

    Google Scholar 

  7. Gong, Z., Nikova, S., Law, Y.W.: KLEIN: a new family of lightweight block ciphers. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 1–18. Springer, Heidelberg (2012). doi:10.1007/978-3-642-25286-0_1

    Chapter  Google Scholar 

  8. Shibutani, K., Isobe, T., Hiwatari, H., Mitsuda, A., Akishita, T., Shirai, T.: Piccolo: an ultra-lightweight blockcipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 342–357. Springer, Heidelberg (2011). doi:10.1007/978-3-642-23951-9_23

    Chapter  Google Scholar 

  9. Suzaki, T., Minematsu, K., Morioka, S., Kobayashi, E.: TWINE: a lightweight block cipher for multiple platforms. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 339–354. Springer, Heidelberg (2013). doi:10.1007/978-3-642-35999-6_22

    Chapter  Google Scholar 

  10. Borghoff, J., et al.: PRINCE – a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34961-4_14

    Chapter  Google Scholar 

  11. Izadi, M., Sadeghiyan, B., Sadeghian, S.S., Khanooki, H.A.: MIBS: a new lightweight block cipher. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 334–348. Springer, Heidelberg (2009). doi:10.1007/978-3-642-10433-6_22

    Chapter  Google Scholar 

  12. Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.: The LED block cipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 326–341. Springer, Heidelberg (2011). doi:10.1007/978-3-642-23951-9_22

    Chapter  Google Scholar 

  13. Wu, W., Zhang, L.: LBlock: a lightweight block cipher. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 327–344. Springer, Heidelberg (2011). doi:10.1007/978-3-642-21554-4_19

    Chapter  Google Scholar 

  14. Biham, E., Anderson, R., Knudsen, L.: Serpent: a new block cipher proposal. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 222–238. Springer, Heidelberg (1998). doi:10.1007/3-540-69710-1_15

    Chapter  Google Scholar 

  15. Berger, T.P., Francq, J., Minier, M., Thomas, G.: Extended generalized Feistel networks using matrix representation to propose a new lightweight block cipher: lilliput. IEEE Trans. Comput. 65, 2074–2089 (2015)

    Article  MATH  MathSciNet  Google Scholar 

  16. Banik, S., Bogdanov, A., Isobe, T., Shibutani, K., Hiwatari, H., Akishita, T., Regazzoni, F.: Midori: a block cipher for low energy. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9453, pp. 411–436. Springer, Heidelberg (2015). doi:10.1007/978-3-662-48800-3_17

    Chapter  Google Scholar 

  17. Sasaki, Y., Todo, Y., Aoki, K., Naito, Y., Sugawara, T., Murakami, Y., Matsui, M.: Minalpher v1.1. Submitted to CAESAR (2015)

    Google Scholar 

  18. Zhang, W., Bao, Z., Lin, D., Rijmen, V., Yang, B., Verbauwhede, I.: RECTANGLE: a bit-slice lightweight block cipher suitable for multiple platforms. Cryptology ePrint Archive, Report 2014/084 (2014)

    Google Scholar 

  19. Beierle, C., et al.: The SKINNY family of block ciphers and its low-latency variant MANTIS. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 123–153. Springer, Heidelberg (2016). doi:10.1007/978-3-662-53008-5_5

    Chapter  Google Scholar 

  20. Gurobi Optimization Inc.: Gurobi Optimizer 6.5. Official webpage (2015). http://www.gurobi.com/

  21. Gamrath, G., Fischer, T., Gally, T., Gleixner, A.M., Hendel, G., Koch, T., Maher, S.J., Miltenberger, M., Müller, B., Pfetsch, M.E., Puchert, C., Rehfeldt, D., Schenker, S., Schwarz, R., Serrano, F., Shinano, Y., Vigerske, S., Weninger, D., Winkler, M., Witt, J.T., Witzig, J.: The SCIP Optimization Suite 3.2. Technical report 15–60, ZIB, Takustr. 7, 14195 Berlin (2016)

    Google Scholar 

  22. Ilog, I.: IBM ILOG CPLEX Optimization Studio V12.7.0 documentation. Official webpage (2016). https://www-01.ibm.com/software/websphere/products/optimization/cplex-studio-community-edition/

  23. Sasaki, Y., Todo, Y.: New differential bounds and division property of shape lilliput: block cipher with extended generalized Feistel network. In: Avanzi, R., Heys, H. (eds.) SAC 2016. LNCS, Springer, (to appear 2016). Pre-proceedings version was distributed at the workshop

    Google Scholar 

  24. Berger, T.P., Minier, M., Thomas, G.: Extended generalized feistel networks using matrix representation. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 289–305. Springer, Heidelberg (2014). doi:10.1007/978-3-662-43414-7_15

    Chapter  Google Scholar 

  25. Suzaki, T., Minematsu, K.: Improving the generalized feistel. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 19–39. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13858-4_2

    Chapter  Google Scholar 

  26. Todo, Y.: Structural evaluation by generalized integral property. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 287–314. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46800-5_12

    Google Scholar 

  27. Todo, Y., Morii, M.: Bit-based division property and application to Simon family. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 357–377. Springer, Heidelberg (2016). doi:10.1007/978-3-662-52993-5_18

    Chapter  Google Scholar 

  28. Xiang, Z., Zhang, W., Bao, Z., Lin, D.: Applying MILP method to searching integral distinguishers based on division property for 6 lightweight block ciphers. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 648–678. Springer, Heidelberg (2016). doi:10.1007/978-3-662-53887-6_24

    Chapter  Google Scholar 

  29. Sun, L., Wang, W., Liu, R., Wang, M.: MILP-Aided Bit-Based Division Property for ARX-Based Block Cipher. Cryptology ePrint Archive, Report 2016/1101 (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. NTT Secure Platform Laboratories, 3-9-11 Midori-cho, Musashino-shi, Tokyo, 180-8585, Japan

    Yu Sasaki & Yosuke Todo

Authors
  1. Yu Sasaki
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yosuke Todo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yu Sasaki .

Editor information

Editors and Affiliations

  1. École Normale Supérieure, Paris, France

    Pooya Farshim

  2. Polytechnic University of Bucharest, Bucharest, Romania

    Emil Simion

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Sasaki, Y., Todo, Y. (2017). New Algorithm for Modeling S-box in MILP Based Differential and Division Trail Search. In: Farshim, P., Simion, E. (eds) Innovative Security Solutions for Information Technology and Communications. SecITC 2017. Lecture Notes in Computer Science(), vol 10543. Springer, Cham. https://doi.org/10.1007/978-3-319-69284-5_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-69284-5_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69283-8

  • Online ISBN: 978-3-319-69284-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation