Truncated Boomerang Attacks and Application to AES-Based Ciphers

The boomerang attack is a cryptanalysis technique that combines two short differentials instead of using single long differential. It has been applied to many primitives, and results in the best known attacks against several AES-based ciphers (Kiasu-BC, Deoxys-BC). In this paper, we introduce general framework for with truncated differentials. We show use provides significant improvement over literature. particular, take into account structures on plaintext ciphertext sides, include an analysis key recovery step. On 6-round AES, obtain competitive structural distinguisher complexity $$2^{87}$$ $$2^{61}$$ . particularly effective tweakable AES variants. apply it 8-round Kiasu-BC, resulting $$2^{83}$$ (rather than $$2^{103}$$ ). also interesting full TNT-AES, block cipher as building block. Finally, Deoxys-BC, MILP model find optimal trails automatically. round-reduced versions all variants Deoxys-BC.