Paper 2016/826

Rotational Cryptanalysis in the Presence of Constants

Tomer Ashur and Yunwen Liu

Abstract

Rotational cryptanalysis is a statistical method for attacking ARX constructions. It was previously shown that ARX-C, i.e., ARX with the injection of constants, can be used to implement any function. In this paper we investigate how rotational cryptanalysis is affected when constants are injected into the state. We introduce the notion of an RX-difference, generalizing the idea of a rotational difference. We show how RX-differences behave around modular addition, and give a formula to calculate their transition probability. We experimentally verify the formula using Speck32/64, and present a 7-round distinguisher based on RX-differences. We then discuss two types of constants: round constants, and constants which are the result of using a fixed key, and provide recommendations to designers for optimal choice of parameters.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
Rotational cryptanalysis, ARX, RX-difference
Contact author(s)
yunwen liu @ esat kuleuven be
History
2016-09-19: revised
2016-08-30: received
Short URL
https://ia.cr/2016/826
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/826,
      author = {Tomer Ashur and Yunwen Liu},
      title = {Rotational Cryptanalysis in the Presence of Constants},
      howpublished = {Cryptology ePrint Archive, Paper 2016/826},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/826}},
      url = {https://eprint.iacr.org/2016/826}
}