Paper 2014/563
Analysis of Boomerang Differential Trails via a SAT-Based Constraint Solver URSA
Aleksandar Kircanski
Abstract
In order to obtain differential patterns over many rounds of a cryptographic primitive, the cryptanalyst often needs to work on local differential trail analysis. Examples include merging two differential trail parts into one or, in the case of boomerang and rectangle attacks, connecting two short trails within the quartet boomerang setting. In the latter case, as shown by Murphy in 2011, caution should be exercised, as there is an increased chance of running into contradictions in the middle rounds of the primitive. In this paper, we propose the use of the SAT-based constraint solver URSA as an aid in the analysis of differential trails and find that previous rectangle/boomerang attacks on the XTEA and SHACAL-1 block ciphers and the SM3 hash function are based on incompatible trails. Given the C specification of the cryptographic primitive, verifying differential trail portions requires minimal work on the side of the cryptanalyst.
Metadata
- Category: Secret-key cryptography
- Publication info: Preprint. MINOR revision.
- Contact author(s): akircanski @ gmail com
- History: 2014-07-18: received
- Short URL: https://ia.cr/2014/563
- License: CC BY
BibTeX
@misc{cryptoeprint:2014/563,
      author = {Aleksandar Kircanski},
      title = {Analysis of Boomerang Differential Trails via a {SAT}-Based Constraint Solver {URSA}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/563},
      year = {2014},
      url = {https://eprint.iacr.org/2014/563}
}