Paper 2023/181

Fully Automated Differential-Linear Attacks against ARX Ciphers

Emanuele Bellini, Technology Innovation Institute
David Gerault, Technology Innovation Institute
Juan Grados, Technology Innovation Institute
Rusydi Makarim, Technology Innovation Institute
Thomas Peyrin, Nanyang Technological University

In this paper, we present a fully automated tool for differential-linear attacks using Mixed-Integer Linear Programming (MILP) and Mixed-Integer Quadratic Constraint Programming (MIQCP) techniques, which is, to the best of our knowledge, the very first attempt to fully automate such attacks. We use this tool to improve the correlations of the best 9 and 10-round differential-linear distinguishers on Speck32/64, and reach 11 rounds for the first time. Furthermore, we improve the latest 14-round key-recovery attack against Speck32/64, using differential-linear distinguishers obtained with our MILP/MIQCP tool. The techniques we present are generic and can be applied to other ARX ciphers as well.

Available format(s)
Attacks and cryptanalysis
Publication info
Published elsewhere. CT-RSA
Speck32/64differential-linear cryptanalysisMILPMIQCP
Contact author(s)
emanuele bellini @ tii ae
david gerault @ tii ae
juan grados @ tii ae
rusydi makarim @ tii ae
thomas peyrin @ ntu edu sg
2023-02-15: approved
2023-02-13: received
See all versions
Short URL
No rights reserved


      author = {Emanuele Bellini and David Gerault and Juan Grados and Rusydi Makarim and Thomas Peyrin},
      title = {Fully Automated Differential-Linear Attacks against ARX Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2023/181},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.