We study the additive differential probabilities $\mathrm{adp}^{\oplus}_k$ of compositions of $k - 1$ bitwise XORs. For vectors $\alpha_1, \dots, \alpha_{k+1} \in \mathbb{Z}_2^n$, it is defined as the probability that the input differences $\alpha_1, \dots, \alpha_k$ are transformed to the output difference $\alpha_{k+1}$ by the function $x_1 \oplus \dots \oplus x_k$, where $x_1, \dots, x_k \in \mathbb{Z}_2^n$ and $k \geq 2$. It is used for differential cryptanalysis of symmetric-key primitives, such as Addition-Rotation-XOR constructions. Several results which are known for $\mathrm{adp}^{\oplus}_2$ are generalized for $\mathrm{adp}^{\oplus}_k$. Some argument symmetries are proven for $\mathrm{adp}^{\oplus}_k$. Recurrence formulas which allow us to reduce the dimension of the arguments are obtained. All impossible differentials as well as all differentials of $\mathrm{adp}^{\oplus}_k$ with probability 1 are found. For even $k$, it is proven that $\max_{\alpha_1, \dots, \alpha_k} \mathrm{adp}^{\oplus}_k(\alpha_1, \dots, \alpha_k \to \alpha_{k+1}) = \mathrm{adp}^{\oplus}_k(0, \dots, 0, \alpha_{k+1} \to \alpha_{k+1})$. Matrices that can be used for efficiently calculating $\mathrm{adp}^{\oplus}_k$ are constructed. It is also shown that the cases of even and odd $k$ differ significantly.
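The definition can be checked exhaustively for small n. The sketch below is an added example, not code from the paper: it assumes the usual reading in which vectors of Z_2^n are identified with integers modulo 2^n and the probability is taken over uniform x1,...,xk, and all function names are hypothetical.

```python
from fractions import Fraction
from itertools import product

def adp_table(n, alphas):
    """Exact adp(alphas -> g) for every g in Z_{2^n}, by counting all inputs.

    Assumed definition: the probability over uniform x1..xk that
    ((x1+a1) ^ ... ^ (xk+ak)) - (x1 ^ ... ^ xk) == g  (mod 2^n).
    """
    mod = 1 << n
    counts = [0] * mod
    for xs in product(range(mod), repeat=len(alphas)):
        before = after = 0
        for x, a in zip(xs, alphas):
            before ^= x                 # XOR of the original inputs
            after ^= (x + a) % mod      # XOR after adding each difference
        counts[(after - before) % mod] += 1
    total = mod ** len(alphas)
    return [Fraction(c, total) for c in counts]

def max_over_inputs(n, k):
    """For each output difference g: max over all (a1..ak) of adp(a1..ak -> g)."""
    mod = 1 << n
    best = [Fraction(0)] * mod
    for alphas in product(range(mod), repeat=k):
        for g, p in enumerate(adp_table(n, alphas)):
            if p > best[g]:
                best[g] = p
    return best

def even_k_maximum_holds(n, k):
    """Check max adp(a1..ak -> g) == adp(0,...,0,g -> g) for every g."""
    best = max_over_inputs(n, k)
    return all(
        best[g] == adp_table(n, (0,) * (k - 1) + (g,))[g]
        for g in range(1 << n)
    )

if __name__ == "__main__":
    # Constructed small cases; the cost is 2^(2nk), so keep n*k small.
    print("adp(0,1 -> g), n=2:", [str(p) for p in adp_table(2, (0, 1))])
    print("k=2, n=3 maximum identity:", even_k_maximum_holds(3, 2))
    print("k=4, n=2 maximum identity:", even_k_maximum_holds(2, 4))
```

The exhaustive count grows as 2^(2nk) and is only a sanity check on toy sizes; the matrices mentioned in the abstract are what make the computation efficient for realistic word sizes.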
- Title On additive differential probabilities of a composition of bitwise XORs
- Publisher Tomsk State University
- Issue Prikladnaya Diskretnaya Matematika - Applied Discrete Mathematics 60
- Date:
- DOI 10.17223/20710410/60/5
Keywords
ARX, XOR, additive differential probabilities, differential cryptanalysis
Authors
On additive differential probabilities of a composition of bitwise XORs | Prikladnaya Diskretnaya Matematika - Applied Discrete Mathematics. 2023. № 60. DOI: 10.17223/20710410/60/5