Paper 2014/317

Analysis of NORX: Investigating Differential and Rotational Properties

Jean-Philippe Aumasson, Philipp Jovanovic, and Samuel Neves

Abstract

This paper presents a thorough analysis of the AEAD scheme NORX, focussing on differential and rotational properties. We first introduce mathematical models that describe differential propagation with respect to the non-linear operation of NORX. Afterwards, we adapt a framework previously proposed for ARX designs allowing us to automatise the search for differentials and characteristics. We give upper bounds on the differential probability for a small number of steps of the NORX core permutation. For example, in a scenario where an attacker can only modify the nonce during initialisation, we show that characteristics have probabilities of less than (-bit) and (-bit) after only one round. Furthermore, we describe how we found the best characteristics for four rounds, which have probabilities of (-bit) and (-bit), respectively. Finally, we discuss some rotational properties of the core permutation which yield some first, rough bounds and can be used as a basis for future studies.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Minor revision. Latincrypt 2014
Keywords
NORXAEADLRXdifferential cryptanalysisrotational cryptanalysis
Contact author(s)
jovanovic @ fim uni-passau de
History
2014-10-02: revised
2014-05-06: received
See all versions
Short URL
https://ia.cr/2014/317
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2014/317,
      author = {Jean-Philippe Aumasson and Philipp Jovanovic and Samuel Neves},
      title = {Analysis of {NORX}: Investigating Differential and Rotational Properties},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/317},
      year = {2014},
      url = {https://eprint.iacr.org/2014/317}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.