Paper 2024/298
New Models for the Cryptanalysis of ASCON
Abstract
This paper focuses on the cryptanalysis of the ASCON family using automatic tools. We analyze two different problems with the goal of obtaining new modelings that are both simpler and less computationally heavy than previous works (all our models require only a small amount of code and run on regular desktop computers). The first problem is the search for Meet-in-the-middle attacks on reduced-round ASCON-Hash. Starting from the MILP modeling of Qin et al. (EUROCRYPT 2023 & ePrint 2023), we rephrase the problem in SAT, which significantly accelerates the solving time and removes the need for the "weak diffusion structure" heuristic. This allows us to reduce the memory complexity of Qin et al.'s attacks and to prove some optimality results. The second problem is the search for lower bounds on the probability of differential characteristics for the ASCON permutation. We introduce a lossy MILP encoding of the propagation rules based on the Hamming weight, in order to quickly find lower bounds which are comparable to the state of the art. We find a small improvement over the existing bound on 7 rounds.
Metadata
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- ASCON, MITM Attacks, Differential Cryptanalysis, MILP, SAT
- Contact author(s)
- mathieu degre @ inria fr
- patrick derbez @ irisa fr
- lucie lahaye @ ens-lyon fr
- andre schrottenloher @ inria fr
- History
- 2024-02-23: approved
- 2024-02-21: received
- Short URL
- https://ia.cr/2024/298
- License
- CC BY
BibTeX
@misc{cryptoeprint:2024/298,
  author = {Mathieu Degré and Patrick Derbez and Lucie Lahaye and André Schrottenloher},
  title = {New Models for the Cryptanalysis of {ASCON}},
  howpublished = {Cryptology {ePrint} Archive, Paper 2024/298},
  year = {2024},
  url = {https://eprint.iacr.org/2024/298}
}