XS-cir-cuits' properties related to the guaranteed number of activations
The guaranteed number of activations (GNA) is an important characteristic that determines the efficiency of differential cryptanalysis of a given XS-circuit. In the paper, we propose an approach to optimize the known GNA calculation algorithm based on the branch and bound method and the analysis of special matrices that define the XS-circuit. Now, it is possible to compute GNA for more than 30 rounds, which would take significantly longer if the original algorithm were used. The optimized algorithm was used for exhaustive enumeration of low-dimensional XS-schemes. We prove that the canonical forms of the XS-circuit and its dual coincide, which provides a strict connection between the guaranteed number of linear and differential activations. Based on computational experiments, several hypotheses have been proposed. One of the hypotheses is that there are no XS-circuits of dimension greater than two that achieve an optimal GNA in every round.
Keywords
guaranteed number of activations, XS-circuit, differential cryptanalysis, linear cryptanalysis, branch and bound methodAuthors
| Name | Organization | |
| Parfenov Denis R. | Novosibirsk State University | d.parfenov@g.nsu.ru |
| Bakharev Alexandr O. | Institute of Mathematics. S. L. Sobolev SB RAS; Novosibirsk State University | a.bakharev@g.nsu.ru |
| Kutsenko Alexandr V. | Institute of Mathematics. S. L. Sobolev SB RAS; Novosibirsk State University | alexandrkutsenko@bk.ru |
| Belov Alexandr R. | Yaroslavl State University | ashmedey@gmail.com |
| Atutova Natalia D. | Institute of Mathematics. S. L. Sobolev SB RAS; Novosibirsk State University | n.atutova@g.nsu.ru |
References
XS-cir-cuits' properties related to the guaranteed number of activations | Applied Discrete Mathematics. Supplement. 2022. № 15. DOI: 10.17223/2226308X/15/16
