MILP-Based Automatic Search Algorithms for Differential and Linear Trails for Speck

In recent years, Mixed Integer Linear Programming (MILP) has been successfully applied to the search for differential characteristics and linear approximations in block ciphers, and has produced significant results for ciphers such as SIMON (a family of lightweight, hardware-optimized block ciphers designed by the NSA). However, in the literature, MILP-based automatic search for differential characteristics and linear approximations is still infeasible for block ciphers built from ARX constructions. In this paper, we propose an MILP-based method for the automatic search of differential characteristics and linear approximations in ARX ciphers. By studying the differential and linear properties of modular addition in ARX ciphers, we present a method to describe differential characteristics and linear approximations with linear inequalities, under the assumptions that the inputs to each modular addition are independent and that the rounds are independent. We use this representation as input to the publicly available MILP optimizer Gurobi to search for differential characteristics and linear approximations of ARX ciphers. As an illustration, we apply our method to Speck, a family of lightweight, software-optimized block ciphers designed by the NSA, which yields improved differential characteristics and linear approximations compared with the existing ones. Moreover, we provide improved differential attacks on Speck48, Speck64, Speck96 and Speck128, which are the best attacks on them in terms of the number of rounds.
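The abstract rests on the observation that modular addition is the only non-linear operation in an ARX round, so the probability of a differential trail through a Speck round is determined by the XOR-differential probability of one addition. The following worked example is added here and is not code from the paper or the Speck designers. It computes that probability with the Lipmaa-Moriai formula (FSE 2001), checks it against exhaustive enumeration on small word sizes, and shows how one Speck-style round reduces to a single addition differential once the rotation and XOR are handled linearly. The word size `n = 4` and the rotation amounts `(3, 2)` are constructed toy parameters for the enumeration to stay small, not Speck's real parameters, and all function names are this example's own.

```python
"""Added worked example (not from the paper): XOR-differential probability of
modular addition via the Lipmaa-Moriai formula, verified by brute force, and
its use for one Speck-style round. Word size and rotations below are toy
values chosen so that exhaustive enumeration is cheap."""


def rotl(x: int, r: int, n: int) -> int:
    """Rotate the n-bit word x left by r positions."""
    mask = (1 << n) - 1
    r %= n
    return ((x << r) | (x >> (n - r))) & mask


def rotr(x: int, r: int, n: int) -> int:
    """Rotate the n-bit word x right by r positions."""
    return rotl(x, n - (r % n), n)


def xdp_add(alpha: int, beta: int, gamma: int, n: int) -> float:
    """xdp+(alpha, beta -> gamma): probability that x + y and
    (x ^ alpha) + (y ^ beta) differ by gamma (mod 2^n), by Lipmaa-Moriai."""
    mask = (1 << n) - 1
    # eq(a, b, c): bit i is 1 iff the three differences agree in bit i.
    eq = ~(alpha ^ beta) & ~(alpha ^ gamma) & mask
    # Validity: eq(a<<1, b<<1, c<<1) & (a ^ b ^ c ^ (b<<1)) == 0.
    # Bit 0 of the shifted eq is always 1 (shifted words have bit 0 clear),
    # which forces gamma_0 = alpha_0 ^ beta_0: there is no carry into bit 0.
    eq_shifted = ((eq << 1) | 1) & mask
    if eq_shifted & (alpha ^ beta ^ gamma ^ ((beta << 1) & mask)):
        return 0.0
    # Probability 2^-w, where w counts bit positions i < n-1 at which the
    # three differences do not all agree; the top bit's carry is discarded.
    w = bin(~eq & (mask >> 1)).count("1")
    return 2.0 ** (-w)


def xdp_add_exhaustive(alpha: int, beta: int, gamma: int, n: int) -> float:
    """Same quantity by enumerating all 2^(2n) input pairs."""
    mask = (1 << n) - 1
    hits = sum(
        1
        for x in range(1 << n)
        for y in range(1 << n)
        if (((x + y) ^ ((x ^ alpha) + (y ^ beta))) & mask) == gamma
    )
    return hits / (1 << (2 * n))


def formula_matches_exhaustive(n: int) -> bool:
    """True iff the formula agrees with enumeration for every (alpha, beta, gamma)."""
    return all(
        xdp_add(a, b, c, n) == xdp_add_exhaustive(a, b, c, n)
        for a in range(1 << n)
        for b in range(1 << n)
        for c in range(1 << n)
    )


def speck_round(x: int, y: int, k: int, n: int, a: int, b: int) -> tuple:
    """One Speck-style round: x = (x >>> a) + y ^ k;  y = (y <<< b) ^ x."""
    mask = (1 << n) - 1
    x = ((rotr(x, a, n) + y) & mask) ^ k
    y = rotl(y, b, n) ^ x
    return x, y


def speck_round_xdp(dx: int, dy: int, dx_out: int, dy_out: int,
                    n: int, a: int, b: int) -> float:
    """Probability that input difference (dx, dy) becomes (dx_out, dy_out)
    after one round. Rotation and XOR propagate differences deterministically
    and the key XOR cancels, so only the addition contributes probability."""
    if dy_out != rotl(dy, b, n) ^ dx_out:
        return 0.0
    return xdp_add(rotr(dx, a, n), dy, dx_out, n)


def speck_round_xdp_exhaustive(dx: int, dy: int, dx_out: int, dy_out: int,
                               n: int, a: int, b: int, k: int = 0) -> float:
    """Same round transition probability by enumerating every input pair."""
    hits = 0
    for x in range(1 << n):
        for y in range(1 << n):
            x1, y1 = speck_round(x, y, k, n, a, b)
            x2, y2 = speck_round(x ^ dx, y ^ dy, k, n, a, b)
            if (x1 ^ x2, y1 ^ y2) == (dx_out, dy_out):
                hits += 1
    return hits / (1 << (2 * n))


if __name__ == "__main__":
    n, a, b = 4, 3, 2  # constructed toy parameters, not Speck's
    print("formula agrees with enumeration for all 4-bit triples:",
          formula_matches_exhaustive(n))
    print("xdp+(1, 1 -> 0) on 4-bit words:", xdp_add(1, 1, 0, n))
    print("toy round (8, 1) -> (0, 4):",
          speck_round_xdp(8, 1, 0, 4, n, a, b),
          speck_round_xdp_exhaustive(8, 1, 0, 4, n, a, b))
```

The linear inequalities the abstract refers to are a way of expressing, bit by bit, the same validity condition and weight that `xdp_add` evaluates: the validity test is linear in the difference bits once the carry-agreement bits `eq` are introduced as variables, and the objective to minimise is the Hamming weight `w`. Because `xdp+` is always zero or a power of two, the float comparison in `formula_matches_exhaustive` is exact.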
