[Resource Topic] 2022/765: Rotational Differential-Linear Distinguishers of ARX Ciphers with Arbitrary Output Linear Masks

Resource Secret-key cryptography
#1

Welcome to the resource topic for 2022/765

Title:
Rotational Differential-Linear Distinguishers of ARX Ciphers with Arbitrary Output Linear Masks

Authors: Zhongfeng Niu, Siwei Sun, Yunwen Liu, and Chao Li

Abstract:

The rotational differential-linear attacks, proposed at EUROCRYPT 2021, is a generalization of differential-linear attacks by replacing the differential part of the attacks with rotational differentials. At EUROCRYPT 2021, Liu et al. presented a method based on Morawiecki et al.’s technique (FSE 2013) for evaluating the rotational differential-linear correlations for the special cases where the output linear masks are unit vectors. With this method, some powerful (rotational) differential-linear distinguishers with output linear masks being unit vectors against Friet, Xoodoo, and Alzette were discovered. However, how to compute the rotational differential-linear correlations for arbitrary output masks was left open. In this work, we partially solve this open problem by presenting an efficient algorithm for computing the (rotational) differential-linear correlation of modulo additions for arbitrary output linear masks, based on which a technique for evaluating the (rotational) differential-linear correlation of ARX ciphers is derived. We apply the technique to Alzette, Siphash, Chacha, and Speck. As a result, significantly improved (rotational) differential-linear distinguishers including deterministic ones are identified. All results of this work are practical and experimentally verified to confirm the validity of our methods. In addition, we try to explain the experimental distinguishers employed in FSE 2008, FSE 2016, and CRYPTO 2020 against Chacha. The predicted correlations are close to the experimental ones.

ePrint: https://eprint.iacr.org/2022/765

Talk: https://www.youtube.com/watch?v=SORQ6lwLq7E

Slides: https://iacr.org/submit/files/slides/2022/crypto/crypto2022/144/slides.pdf

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .