Paper 2022/399

The Inverse of χ and Its Applications to Rasta-like Ciphers

Fukang Liu, Santanu Sarkar, Willi Meier, and Takanori Isobe

Abstract

At ASIACRYPT 2021, Liu et al. pointed out a weakness of the Rasta-like ciphers neglected by the designers. The main strategy is to construct exploitable equations of the n-bit χ operation denoted by χn. However, these equations are all obtained by first studying χn for small n. In this note, we demonstrate that if the explicit formula of the inverse of χn denoted by χn1 is known, all these exploitable equations would have been quite obvious and the weakness of the Rasta-like ciphers could have been avoided at the design phase. However, the explicit formula of χn1 seems to be not well-known and the most relevant work was published by Biryukov et al. at ASIACRYPT 2014. In this work, we give a very simple formula of χn1 that can be written down in only one line and we prove its correctness in a rigorous way. Based on its formula, the formula of exploitable equations for Rasta-like ciphers can be easily derived and therefore more exploitable equations are found.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Rastathe inverse of chiaffine varietyalgebraic attack
Contact author(s)
liufukangs @ gmail com
willimeier48 @ gmail com
santanu @ iitm ac in
takanori isobe @ ai u-hyogo ac jp
History
2022-03-28: received
Short URL
https://ia.cr/2022/399
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/399,
      author = {Fukang Liu and Santanu Sarkar and Willi Meier and Takanori Isobe},
      title = {The Inverse of $\chi$ and Its Applications to Rasta-like Ciphers},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/399},
      year = {2022},
      url = {https://eprint.iacr.org/2022/399}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.