Formal Analysis of Boomerang Probabilities

In the past 20 years since their conception, boomerang attacks have become an important tool in cryptanalysis of block ciphers. classical estimate success probability, assumptions are made about independence underlying differential trails that not well-founded. We underline problems inherent these by using them to prove for any there exists a trail over entire cipher with higher probability than boomerang.While cryptanalysts today clear understanding can be dependent, focus previous research has mostly gone into dependencies improve but little effort been put giving boomerangs and probabilities stronger theoretical underpinning. With this publication, we provide such formalization.We framework which allows us formulate rigorous statements involved without relying on trails. Among is proof two-round SPNs differentially 4-uniform S-boxes always deviate from largest degree possible.We applied results formalization analyze validity some first attacks. show constructed amplified attack Serpent Kelsey, Kohno, Schneier zero. For rectangle Dunkelman, Biham, Keller, demonstrate minuscule fraction only 2−43.4 all combinations used original non-zero probability. spite this, fact suggests as vastly predicts.