Paper 2022/399
The Inverse of $\chi$ and Its Applications to Rasta-like Ciphers
Fukang Liu, Santanu Sarkar, Willi Meier, and Takanori Isobe
Abstract
At ASIACRYPT 2021, Liu et al. pointed out a weakness of the Rasta-like ciphers neglected by the designers. The main strategy is to construct exploitable equations of the $n$-bit $\chi$ operation denoted by $\chi_n$. However, these equations are all obtained by first studying $\chi_n$ for small $n$. In this note, we demonstrate that if the explicit formula of the inverse of $\chi_n$ denoted by $\chi_n^{-1}$ is known, all these exploitable equations would have been quite obvious and the weakness of the Rasta-like ciphers could have been avoided at the design phase. However, the explicit formula of $\chi_n^{-1}$ seems to be not well-known and the most relevant work was published by Biryukov et al. at ASIACRYPT 2014. In this work, we give a very simple formula of $\chi_n^{-1}$ that can be written down in only one line and we prove its correctness in a rigorous way. Based on its formula, the formula of exploitable equations for Rasta-like ciphers can be easily derived and therefore more exploitable equations are found.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- Rastathe inverse of chiaffine varietyalgebraic attack
- Contact author(s)
-
liufukangs @ gmail com
willimeier48 @ gmail com
santanu @ iitm ac in
takanori isobe @ ai u-hyogo ac jp - History
- 2022-03-28: received
- Short URL
- https://ia.cr/2022/399
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/399,
author = {Fukang Liu and Santanu Sarkar and Willi Meier and Takanori Isobe},
title = {The Inverse of $\chi$ and Its Applications to Rasta-like Ciphers},
howpublished = {Cryptology {ePrint} Archive, Paper 2022/399},
year = {2022},
url = {https://eprint.iacr.org/2022/399}
}
