Paper 2018/142

MILP-Aided Related-Tweak/Key Impossible Differential Attack and Its applications to QARMA, Joltik-BC

Rui Zong and Xiaoyang Dong


In this paper, we study the relation between single-key impossible differentials and related-tweakey/key ones, and propose an algorithm that can efficiently derive longer related-tweakey/key impossible differentials from single-key ones. With the MILP technique, the algorithm can be converted into an automatic tool for searching related-tweakey/key impossible differentials. We use this automatic tool to analyze QARMA-64 and give an 11-round key recovery attack, which attacks one more round than the best previous result. Moreover, we also analyze Joltik-BC-128, the internal tweakable block cipher of Joltik, an authenticated encryption candidate of the CAESAR competition, and our result attacks two more rounds than the result given by the cipher designers.

Category: Secret-key cryptography
Publication info: Preprint. Minor revision.
Keywords: Tweakable block cipher, Impossible differential attack, Related-Tweakey, MILP, Tweakey framework
Contact author(s): zongrui3 @ 163 com
History: 2019-09-24: revised; 2018-02-08: received
License: Creative Commons Attribution


      author = {Rui Zong and Xiaoyang Dong},
      title = {MILP-Aided Related-Tweak/Key Impossible Differential Attack and Its applications to QARMA, Joltik-BC},
      howpublished = {Cryptology ePrint Archive, Paper 2018/142},
      year = {2018},
      note = {\url{}},
      url = {}