Improved Rectangle Attacks on SKINNY and CRAFT

The boomerang and rectangle attacks are adaptions of differential cryptanalysis that regard the target cipher E as a composition two sub-ciphers, i.e., = E1 ∘ E0, to construct distinguisher for with probability p2q2 by concatenating short trails E0 p q respectively. According previous research, dependency between these characteristics has great impact on distinguishers. Dunkelman et al. proposed sandwich attack formalise such regards three parts, Em where contains trails, satisfying some propagation r. Accordingly, entire is p2q2r. Recently, Song have general framework identify actual boundaries systematically evaluate any number rounds, applied their method accurately probabilities best SKINNY’s In this paper, using more advanced search distinguishers, we show distinguishers SKINNY can be significantly improved in terms rounds. More precisely, propose related-tweakey up 19, 21, 23, 25 rounds SKINNY-64-128, SKINNY-128-256, SKINNY-64-192 SKINNY-128-384 respectively, which improve variants 1, 2, 1 round Based SKINNY, provide 23 24 29 SKINNY-64-192, 30 SKINNY-128-384. It worth noting our SKINNY-128-256 directly same ForkSkinny-64-192, ForkSkinny-128-256 ForkSkinny-128-384 CRAFT another SKINNY-like tweakable block security analysis against first time. As result, 14-round single-tweak model based 18 cipher. Moreover, following research regarding evaluation switching multiple also introduce new tools called Double Boomerang Connectivity Table (DBCT), LBCT⫤, UBCT⊨ switch through accurately.