Cryptology ePrint Archive: Report 2016/826

Rotational Cryptanalysis in the Presence of Constants

Tomer Ashur and Yunwen Liu

Abstract: Rotational cryptanalysis is a statistical method for attacking ARX constructions. It was previously shown that ARX-C, i.e., ARX with the injection of constants can be used to implement any function. In this paper we investigate how rotational cryptanalysis is affected when constants are injected into the state. We introduce the notion of an RX-difference, generalizing the idea of a rotational difference. We show how RX-differences behave around modular addition, and give a formula to calculate their transition probability. We experimentally verify the for- mula using Speck32/64, and present a 7-round distinguisher based on RX-differences. We then discuss two types of constants: round constants, and constants which are the result of using a fixed key, and provide recommendations to designers for optimal choice of parameters.

Category / Keywords: secret-key cryptography / Rotational cryptanalysis, ARX, RX-difference

Date: received 25 Aug 2016, last revised 19 Sep 2016

Contact author: yunwen liu at esat kuleuven be

Available format(s): PDF | BibTeX Citation

Version: 20160919:122748 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]