Zero-Sum Partitions of PHOTON Permutations

We describe an approach to zero-sum partitions using the division property introduced by Todo at EUROCRYPT 2015. It follows the inside-out methodology and includes a MILP-assisted search for the forward and backward trails, together with a subspace approach to connecting those two trails that is less restrictive than what is commonly done.
