Paper 2016/579

Automatic Search of Meet-in-the-Middle and Impossible Differential Attacks

Patrick Derbez and Pierre-Alain Fouque


Tracking bits through block ciphers and optimizing attacks at hand is one of the tedious task symmetric cryptanalysts have to deal with. It would be nice if a program will automatically handle them at least for well-known attack techniques, so that cryptanalysts will only focus on finding new attacks. However, current automatic tools cannot be used as is, either because they are tailored for specific ciphers or because they only recover a specific part of the attacks and cryptographers are still needed to finalize the analysis. In this paper we describe a generic algorithm exhausting the best meet-in-the-middle and impossible differential attacks on a very large class of block ciphers from byte to bit-oriented, SPN, Feistel and Lai-Massey block ciphers. Contrary to previous tools that target to find the best differential / linear paths in the cipher and leave the cryptanalysts to find the attack using these paths, we automatically find the best attacks by considering the cipher and the key schedule algorithms. The building blocks of our algorithm led to two algorithms designed to find the best simple meet-in-the-middle attacks and the best impossible truncated differential attacks respectively. We recover and improve many attacks on AES, mCRYPTON, SIMON, IDEA, KTANTAN, PRINCE and ZORRO. We show that this tool can be used by designers to improve their analysis.

Available format(s)
Publication info
Published by the IACR in CRYPTO 2016
automatic searchmeet-in-the-middleimpossible truncated differentialcryptanalysis
Contact author(s)
patrick derbez @ irisa fr
pierre-alain fouque @ irisa fr
2016-06-06: received
Short URL
Creative Commons Attribution


      author = {Patrick Derbez and Pierre-Alain Fouque},
      title = {Automatic Search of Meet-in-the-Middle and Impossible Differential Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2016/579},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.