Welcome to the resource topic for 2025/1249
Title: An Automated Model to Search For Differential Meet-In-The-Middle Attack: Applications to AndRX Ciphers
Authors: Debasmita Chakraborty, Soumya Sahoo, Phuong Hoa Nguyen, Santanu Sarkar
Abstract: Differential meet-in-the-middle (MITM) cryptanalysis, recently introduced by Boura et al., has emerged as a powerful and versatile technique for assessing the security of modern block cipher designs. Since its introduction, this method has been effectively applied to a variety of block ciphers, including different variants of SKINNY, CRAFT, and AES. However, identifying such attacks manually, especially on bit-oriented ciphers with large block sizes, can be a complex and error-prone process, which underscores the growing importance of automated solutions in this domain.

In this work, we present, for the first time to the best of our knowledge, a novel and efficient automated tool for constructing optimized differential MITM attacks on bit-oriented block ciphers, with a particular focus on AndRX designs. Our framework begins with an efficient constraint programming (CP) model that searches for single-key optimal differential trails in AndRX ciphers. Building on this, we propose a unified bitwise CP model to automatically construct optimized differential MITM attacks within the same design framework. Furthermore, we incorporate two dedicated optimization strategies, namely the equivalent subkey technique and the selective key guessing technique, both of which are tailored to the structural properties of AndRX ciphers and significantly enhance key recovery efficiency. We also apply two additional optimization techniques, the parallel partitioning technique and the reducing-data-with-imposed-conditions technique, to further enhance the differential MITM attack on AndRX ciphers.

To demonstrate the practical effectiveness of our tool, we apply it to all versions of SIMON and Simeck, two widely studied representatives of the AndRX family, and report improved cryptanalytic results. Specifically, we present differential MITM attacks on SIMON-32-64, SIMON-48-96, SIMON-64-128, and SIMON-96-144, covering 23, 25, 32, and 38 rounds, respectively. All of these results improve on the number of attacked rounds compared to the best known differential attacks, classical meet-in-the-middle (MITM) attacks, and Demirci-Selçuk MITM (DS-MITM) attacks on the corresponding versions of SIMON. For instance, we present a 37-round differential MITM attack on SIMON-96-144, which extends the best known differential, classical MITM, and DS-MITM attacks by 1, 17, and 18 rounds, respectively. In the case of Simeck, we report a 29-round differential MITM attack on Simeck-48-96, improving the previous best differential attack by one round. These results demonstrate the strength and versatility of our automated tool. Importantly, our automated method for constructing differential MITM attacks operates at the bit level and is generic in nature, making it applicable to a broad class of bit-oriented block ciphers beyond the AndRX family.
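As an added illustration of the object the paper's trail search reasons about (this is a stand-alone sketch, not the authors' CP model or any code from the paper), the following Python computes the exact one-round differential distribution of the AndRX non-linear function for SIMON-32/64. It assumes the standard SIMON parameters for that variant: 16-bit words and rotation amounts (1, 8, 2); the function and variable names are my own.

```python
from math import log2

# SIMON-32/64 parameters (assumed from the cipher specification):
# 16-bit words, rotation amounts a=1, b=8, c=2.
N = 16
MASK = (1 << N) - 1
A, B, C = 1, 8, 2

def rotl(x, r):
    """Rotate the N-bit word x left by r positions."""
    r %= N
    return ((x << r) | (x >> (N - r))) & MASK

def f(x):
    """Non-linear part of an AndRX round: (S^a x & S^b x) ^ S^c x."""
    return (rotl(x, A) & rotl(x, B)) ^ rotl(x, C)

def simon_round(left, right, k):
    """One Feistel round; the subkey k is XORed in after f."""
    return right ^ f(left) ^ k, left

def differential_distribution(alpha):
    """Exact counts of output differences of f for input difference alpha.
    With N=16 the 2^16 enumeration is cheap and exact; for larger words this
    is what a CP/MILP trail model has to capture symbolically."""
    counts = {}
    for x in range(1 << N):
        beta = f(x) ^ f(x ^ alpha)
        counts[beta] = counts.get(beta, 0) + 1
    return counts

def best_transition(alpha):
    """Most likely output difference and its weight (-log2 of probability)."""
    counts = differential_distribution(alpha)
    beta, c = max(counts.items(), key=lambda kv: kv[1])
    return beta, N - log2(c)

def round_difference(left, right, alpha_l, alpha_r, k):
    """Output difference of one keyed round for a chosen pair of inputs.
    The subkey cancels in the XOR, which is why single-key trails can be
    searched without fixing the key."""
    l1, r1 = simon_round(left, right, k)
    l2, r2 = simon_round(left ^ alpha_l, right ^ alpha_r, k)
    return l1 ^ l2, r1 ^ r2

if __name__ == "__main__":
    beta, w = best_transition(0x0001)
    print(f"alpha=0x0001 -> beta=0x{beta:04x}, weight {w}")  # weight 2.0
    print(f"alpha=0xffff -> weight {best_transition(MASK)[1]}")  # weight 15.0
```

A single-bit input difference spreads through the AND to two bit positions whose values are uniform, so the round costs two bits of probability; the all-ones difference is the special case where the AND becomes an XNOR and only one bit of probability survives.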
ePrint: https://eprint.iacr.org/2025/1249
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics.