Paper 2022/765

Rotational Differential-Linear Distinguishers of ARX Ciphers with Arbitrary Output Linear Masks

Zhongfeng Niu, University of Chinese Academy of Sciences
Siwei Sun, University of Chinese Academy of Sciences
Yunwen Liu
Chao Li, National University of Defense Technology
Abstract

The rotational differential-linear attacks, proposed at EUROCRYPT 2021, is a generalization of differential-linear attacks by replacing the differential part of the attacks with rotational differentials. At EUROCRYPT 2021, Liu et al. presented a method based on Morawiecki et al.’s technique (FSE 2013) for evaluating the rotational differential-linear correlations for the special cases where the output linear masks are unit vectors. With this method, some powerful (rotational) differential-linear distinguishers with output linear masks being unit vectors against Friet, Xoodoo, and Alzette were discovered. However, how to compute the rotational differential-linear correlations for arbitrary output masks was left open. In this work, we partially solve this open problem by presenting an efficient algorithm for computing the (rotational) differential-linear correlation of modulo additions for arbitrary output linear masks, based on which a technique for evaluating the (rotational) differential-linear correlation of ARX ciphers is derived. We apply the technique to Alzette, Siphash, Chacha, and Speck. As a result, significantly improved (rotational) differential-linear distinguishers including deterministic ones are identified. All results of this work are practical and experimentally verified to confirm the validity of our methods. In addition, we try to explain the experimental distinguishers employed in FSE 2008, FSE 2016, and CRYPTO 2020 against Chacha. The predicted correlations are close to the experimental ones.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A major revision of an IACR publication in CRYPTO 2022
Keywords
Rotational differential-linear Correlation ARX Alzette Siphash Speck Chacha
Contact author(s)
niuzhongfeng @ iie ac cn
siweisun isaac @ gmail com
History
2022-06-16: approved
2022-06-14: received
See all versions
Short URL
https://ia.cr/2022/765
License
No rights reserved
CC0

BibTeX

@misc{cryptoeprint:2022/765,
      author = {Zhongfeng Niu and Siwei Sun and Yunwen Liu and Chao Li},
      title = {Rotational Differential-Linear Distinguishers of ARX Ciphers with Arbitrary Output Linear Masks},
      howpublished = {Cryptology ePrint Archive, Paper 2022/765},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/765}},
      url = {https://eprint.iacr.org/2022/765}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.