Skip to main content
SpringerLink
Log in

Automatic Search for Differential Trails in ARX Ciphers

  • Conference paper
Book cover Topics in Cryptology – CT-RSA 2014 (CT-RSA 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8366))

Included in the following conference series:

Abstract

We propose a tool for automatic search for differential trails in ARX ciphers. By introducing the concept of a partial difference distribution table (pDDT) we extend Matsui’s algorithm, originally proposed for DES-like ciphers, to the class of ARX ciphers. To the best of our knowledge this is the first application of Matsui’s algorithm to ciphers that do not have S-boxes. The tool is applied to the block ciphers TEA, XTEA, SPECK and RAIDEN. For RAIDEN we find an iterative characteristic on all 32 rounds that can be used to break the full cipher using standard differential cryptanalysis. This is the first cryptanalysis of the cipher in a non-related key setting. Differential trails on 9, 10 and 13 rounds are found for SPECK32, SPECK48 and SPECK64 respectively. The 13 round trail covers half of the total number of rounds. These are the first public results on the security analysis of SPECK. For TEA multiple full (i.e. not truncated) differential trails are reported for the first time, while for XTEA we confirm the previous best known trail reported by Hong et al.,. We also show closed formulas for computing the exact additive differential probabilities of the left and right shift operations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aumasson, J.-P., Bernstein, D.J.: SipHash: a fast short-input PRF. IACR Cryptology ePrint Archive, 2012:351 (2012)

    Google Scholar 

  2. Aumasson, J.-P., Henzen, L., Meier, W., Phan, R.C.-W.: SHA-3 proposal BLAKE. Submission to the NIST SHA-3 Competition, Round 2 (2008)

    Google Scholar 

  3. Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK Families of Lightweight Block Ciphers. Cryptology ePrint Archive, Report 2013/404 (2013), http://eprint.iacr.org/

  4. Bernstein, D.J.: The Salsa20 Family of Stream Ciphers. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 84–97. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  5. Biham, E., Shamir, A.: Differential Cryptanalysis of DES-like Cryptosystems. J. Cryptology 4(1), 3–72 (1991)

    Article  MATH  MathSciNet  Google Scholar 

  6. Bogdanov, A., Wang, M.: Zero Correlation Linear Cryptanalysis with Reduced Data Complexity. In: Canteaut [7], pp. 29–48

    Google Scholar 

  7. Canteaut, A. (ed.): FSE 2012. LNCS, vol. 7549. Springer, Heidelberg (2012)

    MATH  Google Scholar 

  8. Chen, J., Wang, M., Preneel, B.: Impossible Differential Cryptanalysis of the Lightweight Block Ciphers TEA, XTEA and HIGHT. In: Mitrokotsa, A., Vaudenay, S. (eds.) AFRICACRYPT 2012. LNCS, vol. 7374, pp. 117–137. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  9. Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Springer (2002)

    Google Scholar 

  10. Daemen, J., Rijmen, V.: Probability distributions of Correlation and Differentials in Block Ciphers. IACR Cryptology ePrint Archive, 2005:212 (2005)

    Google Scholar 

  11. Daum, M.: Cryptanalysis of Hash Functions of the MD4-Family. PhD thesis, Ruhr-Universität Bochum (2005)

    Google Scholar 

  12. De Cannière, C., Rechberger, C.: Finding SHA-1 Characteristics: General Results and Applications. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 1–20. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  13. Ferguson, N., Lucks, S., Schneier, B., Whiting, D., Bellare, M., Kohno, T., Callas, J., Walker, J.: The Skein Hash Function Family. Submission to the NIST SHA-3 Competition, Round 2 (2009)

    Google Scholar 

  14. Fouque, P.-A., Leurent, G., Nguyen, P.Q.: Automatic Search of Differential Path in MD4. IACR Cryptology ePrint Archive, 2007:206 (2007)

    Google Scholar 

  15. Hong, D., Sung, J., Hong, S., Lim, J., Lee, S., Koo, B., Lee, C., Chang, D., Lee, J., Jeong, K., Kim, H., Kim, J., Chee, S.: Hight: A new block cipher suitable for low-resource device. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 46–59. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  16. Hong, S., Hong, D., Ko, Y., Chang, D., Lee, W., Lee, S.: Differential Cryptanalysis of TEA and XTEA. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 402–417. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  17. Karroumi, M., Malherbe, C.: Related-key cryptanalysis of raiden. In: International Conference on Network and Service Security, N2S 2009, pp. 1–5 (2009)

    Google Scholar 

  18. Kelsey, J., Schneier, B., Wagner, D.: Related-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA. In: Han, Y., Quing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 233–246. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  19. Lai, X., Massey, J.L.: Markov ciphers and differential cryptanalysis. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 17–38. Springer, Heidelberg (1991)

    Chapter  Google Scholar 

  20. Leurent, G.: Construction of Differential Characteristics in ARX Designs - Application to Skein. IACR Cryptology ePrint Archive, 2012:668 (2012)

    Google Scholar 

  21. Lipmaa, H., Moriai, S.: Efficient Algorithms for Computing Differential Properties of Addition. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 336–350. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  22. Lipmaa, H., Wallén, J., Dumas, P.: On the Additive Differential Probability of Exclusive-Or. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 317–331. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  23. Matsui, M.: On Correlation between the Order of S-Boxes and the Strength of DES. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 366–375. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  24. Matsui, M., Yamagishi, A.: A New Method for Known Plaintext Attack of FEAL Cipher. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 81–91. Springer, Heidelberg (1993)

    Chapter  Google Scholar 

  25. Mendel, F., Nad, T., Schläffer, M.: Finding SHA-2 Characteristics: Searching through a Minefield of Contradictions. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 288–307. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  26. Moon, D., Hwang, K., Lee, W.I., Lee, S.-J., Lim, J.-I.: Impossible Differential Cryptanalysis of Reduced Round XTEA and TEA. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 49–60. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  27. Mouha, N., Velichkov, V., De Cannière, C., Preneel, B.: The Differential Analysis of S-Functions. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 36–56. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  28. National Institute of Standards and Technology. Announcing Request for Candidate Algorithm Nominations for a New Cryptographic Hash Algorithm (SHA-3) Family. Federal Register 27(212), 62212–62220 (November 2007), http://csrc.nist.gov/groups/ST/hash/documents/FR_Notice_Nov07.pdf (October 17, 2008)

  29. National Institute of Standards, U.S. Department of Commerce. FIPS 47: Data Encryption Standard (1977)

    Google Scholar 

  30. Needham, R.M., Wheeler, D.J.: TEA extensions. Computer Laboratory, Cambridge University, England (1997), http://www.movable-type.co.uk/scripts/xtea.pdf

  31. Needham, R.M., Wheeler, D.J.: Correction to XTEA. Technical report, University of Cambridge (October 1998)

    Google Scholar 

  32. Polimón, J., Castro, J.C.H., Estévez-Tapiador, J.M., Ribagorda, A.: Automated design of a lightweight block cipher with Genetic Programming. KES Journal 12(1), 3–14 (2008)

    Google Scholar 

  33. Preneel, B. (ed.): FSE 1994. LNCS, vol. 1008. Springer, Heidelberg (1995)

    MATH  Google Scholar 

  34. Rivest, R.L.: The MD4 Message Digest Algorithm. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 303–311. Springer, Heidelberg (1991)

    Google Scholar 

  35. Rivest, R.L.: The MD5 Message-Digest Algorithm. RFC 1321 (April 1992)

    Google Scholar 

  36. Rivest, R.L.: The RC5 Encryption Algorithm. In: Preneel [33], pp. 86–96

    Google Scholar 

  37. Shimizu, A., Miyaguchi, S.: Fast Data Encipherment Algorithm FEAL. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 267–278. Springer, Heidelberg (1988)

    Chapter  Google Scholar 

  38. Velichkov, V., Mouha, N., De Cannière, C., Preneel, B.: The Additive Differential Probability of ARX. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 342–358. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  39. Velichkov, V., Mouha, N., Preneel, C.D.B.: UNAF: A Special Set of Additive Differences with Application to the Differential Analysis of ARX. In: Canteaut, [7] pp. 287–305

    Google Scholar 

  40. Wheeler, D.J., Needham, R.M.: TEA, a Tiny Encryption Algorithm. In: Preneel [33], pp. 363–366

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Laboratory of Algorithmics, Cryptology and Security (LACS), University of Luxembourg, Luxembourg

    Alex Biryukov & Vesselin Velichkov

Authors
  1. Alex Biryukov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vesselin Velichkov
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microsoft Research, Redmond, WA, USA

    Josh Benaloh

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Biryukov, A., Velichkov, V. (2014). Automatic Search for Differential Trails in ARX Ciphers. In: Benaloh, J. (eds) Topics in Cryptology – CT-RSA 2014. CT-RSA 2014. Lecture Notes in Computer Science, vol 8366. Springer, Cham. https://doi.org/10.1007/978-3-319-04852-9_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-04852-9_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-04851-2

  • Online ISBN: 978-3-319-04852-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation