Paper 2022/701

Truncated Boomerang Attacks and Application to AES-based Ciphers

Augustin Bariant, French Institute for Research in Computer Science and Automation
Gaëtan Leurent, French Institute for Research in Computer Science and Automation

The boomerang attack is a cryptanalysis technique that combines two short differentials instead of using a single long differential. It has been applied to many primitives, and results in the best known attacks against several AES-based ciphers (Kiasu-BC, Deoxys-BC). In this paper, we introduce a general framework for boomerang attacks with truncated differentials. While the underlying ideas are already known, we show that a careful analysis provides a significant improvement over the best boomerang attacks in the literature. In particular, we take into account structures on the plaintext and ciphertext sides, and include an analysis of the key recovery step. On 6-round AES, we obtain a structural distinguisher with complexity $2^{87}$ and a key recovery attack with complexity $2^{61}$. The truncated boomerang attacks is particularly effective against tweakable AES variants. We apply it to 8-round Kiasu-BC, resulting in the best known attack with complexity $2^{83}$ (rather than $2^{103}$). We also show an interesting use of the 6-round distinguisher on TNT-AES, a tweakable block-cipher using 6-round AES as a building block. Finally, we apply this framework to Deoxys-BC, using a MILP model to find optimal trails automatically. We obtain the best attacks against round-reduced versions of all variants of Deoxys-BC.

Available format(s)
Secret-key cryptography
Publication info
Truncated differential boomerang attack AES KIASU Deoxys TNT-AES
Contact author(s)
augustin bariant @ inria fr
gaetan leurent @ inria fr
2022-06-06: approved
2022-06-02: received
See all versions
Short URL
No rights reserved


      author = {Augustin Bariant and Gaëtan Leurent},
      title = {Truncated Boomerang Attacks and Application to AES-based Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2022/701},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.