### The Inverse of $\chi$ and Its Applications to Rasta-like Ciphers

Fukang Liu, Santanu Sarkar, Willi Meier, and Takanori Isobe

##### Abstract

At ASIACRYPT 2021, Liu et al. pointed out a weakness of the Rasta-like ciphers neglected by the designers. The main strategy is to construct exploitable equations of the $n$-bit $\chi$ operation denoted by $\chi_n$. However, these equations are all obtained by first studying $\chi_n$ for small $n$. In this note, we demonstrate that if the explicit formula of the inverse of $\chi_n$ denoted by $\chi_n^{-1}$ is known, all these exploitable equations would have been quite obvious and the weakness of the Rasta-like ciphers could have been avoided at the design phase. However, the explicit formula of $\chi_n^{-1}$ seems to be not well-known and the most relevant work was published by Biryukov et al. at ASIACRYPT 2014. In this work, we give a very simple formula of $\chi_n^{-1}$ that can be written down in only one line and we prove its correctness in a rigorous way. Based on its formula, the formula of exploitable equations for Rasta-like ciphers can be easily derived and therefore more exploitable equations are found.

Available format(s)
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Rastathe inverse of chiaffine varietyalgebraic attack
Contact author(s)
liufukangs @ gmail com
willimeier48 @ gmail com
santanu @ iitm ac in
takanori isobe @ ai u-hyogo ac jp
History
Short URL
https://ia.cr/2022/399

CC BY

BibTeX

@misc{cryptoeprint:2022/399,
author = {Fukang Liu and Santanu Sarkar and Willi Meier and Takanori Isobe},
title = {The Inverse of $\chi$ and Its Applications to Rasta-like Ciphers},
howpublished = {Cryptology ePrint Archive, Paper 2022/399},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/399}},
url = {https://eprint.iacr.org/2022/399}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.