[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

What a lovely hat

Is it made out of tin foil?




Dates are inconsistent

Dates are inconsistent

23 results sorted by ID

Possible spell-corrected query: at/set
2024/350 (PDF) Last updated: 2024-02-27
Automating Collision Attacks on RIPEMD-160
Yingxin Li, Fukang Liu, Gaoli Wang
Attacks and cryptanalysis

As an ISO/IEC standard, the hash function RIPEMD-160 has been used to generate the Bitcoin address with SHA-256. However, due to the complex double-branch structure of RIPEMD-160, the best collision attack only reaches 36 out of 80 steps of RIPEMD-160, and the best semi-free-start (SFS) collision attack only reaches 40 steps. To improve the 36-step collision attack proposed at EUROCRYPT 2023, we explored the possibility of using different message differences to increase the number of...

2024/349 (PDF) Last updated: 2024-02-27
New Records in Collision Attacks on SHA-2
Yingxin Li, Fukang Liu, Gaoli Wang
Attacks and cryptanalysis

The SHA-2 family including SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA512/256 is a U.S. federal standard pub- lished by NIST. Especially, there is no doubt that SHA-256 is one of the most important hash functions used in real-world applications. Due to its complex design compared with SHA-1, there is almost no progress in collision attacks on SHA-2 after ASIACRYPT 2015. In this work, we retake this challenge and aim to significantly improve collision attacks on the SHA-2...

2024/105 (PDF) Last updated: 2024-01-24
Differential cryptanalysis with SAT, SMT, MILP, and CP: a detailed comparison for bit-oriented primitives
Emanuele Bellini, Alessandro De Piccoli, Mattia Formenti, David Gerault, Paul Huynh, Simone Pelizzola, Sergio Polese, Andrea Visconti
Secret-key cryptography

SAT, SMT, MILP, and CP, have become prominent in the differential cryptanalysis of cryptographic primitives. In this paper, we review the techniques for constructing differential characteristic search models in these four formalisms. Additionally, we perform a systematic comparison encompassing over 20 cryptographic primitives and 16 solvers, on both easy and hard instances of optimisation, enumeration and differential probability estimation problems.

2023/622 (PDF) Last updated: 2023-06-01
CLAASP: a Cryptographic Library for the Automated Analysis of Symmetric Primitives
Emanuele Bellini, David Gerault, Juan Grados, Yun Ju Huang, Mohamed Rachidi, Sharwan Tiwari, Rusydi H. Makarim
Secret-key cryptography

This paper introduces CLAASP, a Cryptographic Library for the Automated Analysis of Symmetric Primitives. The library is designed to be modular, extendable, easy to use, generic, efficient and fully automated. It is an extensive toolbox gathering state-of-the-art techniques aimed at simplifying the manual tasks of symmetric primitive designers and analysts. CLAASP is built on top of Sagemath and is open-source under the GPLv3 license. The central input of CLAASP is the description of a...

2023/285 (PDF) Last updated: 2023-02-28
New Records in Collision Attacks on RIPEMD-160 and SHA-256
Yingxin Li, Fukang Liu, Gaoli Wang
Attacks and cryptanalysis

RIPEMD-160 and SHA-256 are two hash functions used to generate the bitcoin address. In particular, RIPEMD-160 is an ISO/IEC standard and SHA-256 has been widely used in the world. Due to their complex designs, the progress to find (semi-free-start) collisions for the two hash functions is slow. Recently at EUROCRYPT 2023, Liu et al. presented the first collision attack on 36 steps of RIPEMD-160 and the first MILP-based method to find collision-generating signed differential characteristics....

2023/109 (PDF) Last updated: 2023-01-28
SoK: Modeling for Large S-boxes Oriented to Differential Probabilities and Linear Correlations (Long Paper)
Ling Sun, Meiqin Wang
Attacks and cryptanalysis

Automatic methods for differential and linear characteristic search are well-established at the moment. Typically, the designers of novel ciphers also give preliminary analytical findings for analysing the differential and linear properties using automatic techniques. However, neither MILP-based nor SAT/SMT-based approaches have fully resolved the problem of searching for actual differential and linear characteristics of ciphers with large S-boxes. To tackle the issue, we present three...

2022/402 (PDF) Last updated: 2022-03-31
Improved Rotational-XOR Cryptanalysis of Simon-like Block Ciphers
Jinyu Lu, Yunwen Liu, Tomer Ashur, Bing Sun, Chao Li

Rotational-XOR (RX) cryptanalysis is a cryptanalytic method aimed at finding distinguishable statistical properties in ARX-C ciphers, i.e., ciphers that can be described only by using modular addition, cyclic rotation, XOR, and the injection of constants. In this paper we extend RX-cryptanalysis to AND-RX ciphers, a similar design paradigm where the modular addition is replaced by vectorial bitwise AND; such ciphers include the block cipher families Simon and Simeck. We analyze the...

2021/1640 (PDF) Last updated: 2022-02-27
New Differential Cryptanalysis Results for the Lightweight Block Cipher BORON
Je Sen Teh, Li Jing Tham, Norziana Jamil, Wun-She Yap
Secret-key cryptography

BORON is a 64-bit lightweight block cipher based on the substitution-permutation network that supports an 80-bit (BORON-80) and 128-bit (BORON-128) secret key. In this paper, we revisit the use of differential cryptanalysis on BORON in the single-key model. Using an SAT/SMT approach, we look for differentials that consist of multiple differential characteristics with the same input and output differences. Each characteristic that conforms to a given differential improves its overall...

2021/1529 (PDF) Last updated: 2024-06-16
Autoguess: A Tool for Finding Guess-and-Determine Attacks and Key Bridges
Hosein Hadipour, Maria Eichlseder
Secret-key cryptography

The guess-and-determine technique is one of the most widely used techniques in cryptanalysis to recover unknown variables in a given system of relations. In such attacks, a subset of the unknown variables is guessed such that the remaining unknowns can be deduced using the information from the guessed variables and the given relations. This idea can be applied in various areas of cryptanalysis such as finding the internal state of stream ciphers when a sufficient amount of output data is...

2021/1285 (PDF) Last updated: 2021-11-30
Convexity of division property transitions: theory, algorithms and compact models
Aleksei Udovenko
Secret-key cryptography

Integral cryptanalysis is a powerful tool for attacking symmetric primitives, and division property is a state-of-the-art framework for finding integral distinguishers. This work describes new theoretical and practical insights into traditional bit-based division property. We focus on analyzing and exploiting monotonicity/convexity of division property and its relation to the graph indicator. In particular, our investigation leads to a new compact representation of propagation, which allows...

2021/1047 (PDF) Last updated: 2022-02-09
A Correlation Attack on Full SNOW-V and SNOW-Vi
Zhen Shi, Chenhui Jin, Jiyan Zhang, Ting Cui, Lin Ding, Yu Jin
Secret-key cryptography

In this paper, a method for searching correlations between the binary stream of Linear Feedback Shift Register (LFSR) and the keystream of SNOW-V and SNOW-Vi is presented based on the technique of approximation to composite functions. With the aid of the linear relationship between the four taps of LFSR input into Finite State Machine (FSM) at three consecutive clocks, we present an automatic search model based on the SAT/SMT technique and search out a series of linear approximation trails...

2021/1017 (PDF) Last updated: 2021-08-06
Improve Neural Distinguisher for Cryptanalysis
Zezhou Hou, Jiongjiong Ren, Shaozhen Chen

At CRYPTO'19, Gohr built a bridge between deep learning and cryptanalysis. Based on deep neural networks, he trained neural distinguishers of Speck32/64 using a plaintext difference and single ciphertext pair. Compared with purely differential distinguishers, neural distinguishers successfully use features of the ciphertext pairs. Besides, with the help of neural distinguishers, he attacked 11-round Speck32/64 using Bayesian optimization. At EUROCRYPTO'21, Benamira proposed a detailed...

2021/965 (PDF) Last updated: 2021-07-22
Automatic Search for Bit-based Division Property
Shibam Ghosh, Orr Dunkelman
Secret-key cryptography

Division properties, introduced by Todo at Eurocrypt 2015, are extremely useful in cryptanalysis, are an extension of square attack (also called saturation attack or integral cryptanalysis). Given their im- portance, a large number of works tried to offer automatic tools to find division properties, primarily based on MILP or SAT/SMT. This paper studies better modeling techniques for finding division properties using the Constraint Programming and SAT/SMT-based automatic tools. We use the...

2021/656 (PDF) Last updated: 2021-05-27
Automated Search Oriented to Key Recovery on Ciphers with Linear Key Schedule: Applications to Boomerangs in SKINNY and ForkSkinny
Lingyue Qin, Xiaoyang Dong, Xiaoyun Wang, Keting Jia, Yunwen Liu
Secret-key cryptography

Automatic modelling to search distinguishers with high probability covering as many rounds as possible, such as MILP, SAT/SMT, CP models, has become a very popular cryptanalysis topic today. In those models, the optimizing objective is usually the probability or the number of rounds of the distinguishers. If we want to recover the secret key for a round-reduced block cipher, there are usually two phases, i.e., finding an efficient distinguisher and performing key-recovery attack by...

2021/442 (PDF) Last updated: 2021-04-06
How to Backdoor a Cipher
Raluca Posteuca, Tomer Ashur
Secret-key cryptography

Newly designed block ciphers are required to show resistance against known attacks, e.g., linear and differential cryptanalysis. Two widely used methods to do this are to employ an automated search tool (e.g., MILP, SAT/SMT, etc.) and/or provide a wide-trail argument. In both cases, the core of the argument consists of bounding the transition probability of the statistical property over an isolated non-linear operation, then multiply it by the number of such operations (e.g., number of...

2020/441 (PDF) Last updated: 2020-04-19
Modeling for Three-Subset Division Property without Unknown Subset
Yonglin Hao, Gregor Leander, Willi Meier, Yosuke Todo, Qingju Wang
Secret-key cryptography

A division property is a generic tool to search for integral distinguishers, and automatic tools such as MILP or SAT/SMT allow us to evaluate the propagation efficiently. In the application to stream ciphers, it enables us to estimate the security of cube attacks theoretically, and it leads to the best key-recovery attacks against well-known stream ciphers. However, it was reported that some of the key-recovery attacks based on the division property degenerate to distinguishing attacks due...

2018/813 (PDF) Last updated: 2018-09-11
Programming the Demirci-Sel{ç}uk Meet-in-the-Middle Attack with Constraints
Danping Shi, Siwei Sun, Patrick Derbez, Yosuke Todo, Bing Sun, Lei Hu

Cryptanalysis with SAT/SMT, MILP and CP has increased in popularity among symmetric-key cryptanalysts and designers due to its high degree of automation. So far, this approach covers differential, linear, impossible differential, zero-correlation, and integral cryptanalysis. However, the Demirci-Selcuk meet-in-the-middle (DS-MITM) attack is one of the most sophisticated techniques that has not been automated with this approach. By an in-depth study of Derbez and Fouque's work on DS-MITM...

2017/1036 (PDF) Last updated: 2017-10-28
Rotational-XOR Cryptanalysis of Reduced-round SPECK
Yunwen Liu, Glenn De Witte, Adrián Ranea, Tomer Ashur
Secret-key cryptography

In this paper we formulate a SAT/SMT model for Rotational-XOR (RX) cryptanalysis in ARX primitives for the first time. The model is successfully applied to the block cipher family Speck, and distinguishers covering more rounds than previously are found, as well as RX-characteristics requiring less data to detect. In particular, we present distinguishers for 10, 11 and 12 rounds for Speck32/64 which have better probabilities than the previously known 9-round differential characteristic, for a...

2017/576 (PDF) Last updated: 2017-06-20
The Security of SIMON-like Ciphers Against Linear Cryptanalysis
Zhengbin Liu, Yongqiang Li, Mingsheng Wang
Secret-key cryptography

In the present paper, we analyze the security of SIMON-like ciphers against linear cryptanalysis. First, an upper bound is derived on the squared correlation of SIMON-like round function. It is shown that the upper bound on the squared correlation of SIMON-like round function decreases with the Hamming weight of output mask increasing. Based on this, we derive an upper bound on the squared correlation of linear trails for SIMON and SIMECK, which is $2^{-2R+2}$ for any $R$-round linear trail....

2017/178 (PDF) Last updated: 2017-02-27
Optimal Differential Trails in SIMON-like Ciphers
Zhengbin Liu, Yongqiang Li, Mingsheng Wang

In the present paper, we propose an automatic search algorithm for optimal differential trails in SIMON-like ciphers. First, we give a more accurate upper bound on the differential probability of SIMON-like round function. It is shown that when the Hamming weight of the input difference $\alpha$, which is denoted by $wt(\alpha)$, is less than one half of the input size, the corresponding maximum differential probability of SIMON-like round function is less than or equal to...

2016/651 (PDF) Last updated: 2016-09-21
Pen and Paper Arguments for SIMON and SIMON-like Designs
Christof Beierle
Secret-key cryptography

In this work, we analyze the resistance of SIMON-like ciphers against differential attacks without using computer-aided methods. In this context, we first define the notion of a SIMON-like cipher as a generalization of the SIMON design. For certain instances, we present a method for proving the resistance against differential attacks by upper bounding the probability of a differential characteristic by $2^{-2T+2}$ where $T$ denotes the number of rounds. Interestingly, if $2n$ denotes the...

2016/548 (PDF) Last updated: 2016-06-20
Linicrypt: A Model for Practical Cryptography
Brent Carmer, Mike Rosulek
Foundations

A wide variety of objectively practical cryptographic schemes can be constructed using only symmetric-key operations and linear operations. To formally study this restricted class of cryptographic algorithms, we present a new model called {\em Linicrypt}. A Linicrypt program has access to a random oracle whose inputs and outputs are field elements, and otherwise manipulates data only via fixed linear combinations. Our main technical result is that it is possible to decide {\em in polynomial...

2015/145 (PDF) Last updated: 2015-07-03
Observations on the SIMON block cipher family
Stefan Kölbl, Gregor Leander, Tyge Tiessen

In this paper we analyse the general class of functions underly- ing the Simon block cipher. In particular, we derive efficiently computable and easily implementable expressions for the exact differential and linear behaviour of Simon-like round functions. Following up on this, we use those expressions for a computer aided approach based on SAT/SMT solvers to find both optimal differential and linear characteristics for Simon. Furthermore, we are able to find all characteristics contributing...

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.