Tuple cryptanalysis of ARX with application to BLAKE and Skein
Authors
Abstract
We introduce tuple cryptanalysis, a variant of structural cryptanalysis techniques such as square, saturation, integral, internal collision, or multiset cryptanalysis, the main difference being that tuple cryptanalysis considers ordered rather than unordered multisets. This allows cryptanalysts to better trace structural properties within a cipher’s internal state. Unlike previous works that focus on S-box based algorithms, structural analysis is applied to ARX constructions, with preliminary results on reduced versions of Skein’s and BLAKE’s ARX cores. Due to its simplicity and efficient verification, tuple cryptanalysis can be used as a security benchmark for ARX schemes.
Similar resources
Rotational Cryptanalysis of ARX Revisited
Rotational cryptanalysis is a probabilistic attack applicable to word oriented designs that use (almost) rotation-invariant constants. It is believed that the success probability of rotational cryptanalysis against ciphers and functions based on modular additions, rotations and XORs, can be computed only by counting the number of additions. We show that this simple formula is incorrect due to t...
Full text
Construction of Differential Characteristics in ARX Designs Application to Skein
In this paper, we study differential attacks against ARX schemes. We build upon the generalized characteristics of de Cannière and Rechberger and the multi-bit constraints of Leurent. We describe a more efficient way to propagate multi-bit constraints, that allows us to use the complete set of 2 2.5-bit constraints, instead of the reduced sets used by Leurent. As a result, we are able to build ...
Full text
Rotational Cryptanalysis of ARX
In this paper we analyze the security of systems based on modular additions, rotations, and XORs (ARX systems). We provide both theoretical support for their security and practical cryptanalysis of real ARX primitives. We use a technique called rotational cryptanalysis, that is universal for the ARX systems and is quite efficient. We illustrate the method with the best known attack on reduced v...
Full text
Near-Collisions on the Reduced-Round Compression Functions of Skein and BLAKE
The SHA-3 competition organized by NIST [1] aims to find a new hash standard as a replacement of SHA-2. Till now, 14 submissions have been selected as the second round candidates, including Skein and BLAKE, both of which have components based on modular addition, rotation and bitwise XOR (ARX). In this paper, we propose improved near-collision attacks on the reduced-round compression functions ...
Full text
Recent Methods for Cryptanalysis of Symmetric-key Cryptographic Algorithms (Recente Methoden voor de Cryptanalyse van Symmetrische-sleutel Cryptografische Algoritmen)
Cryptography is the art and science of secret communication. In the past it has been exclusively the occupation of the military. It is only during the last forty years that the study and practice of cryptography has reached the wide public. Nowadays, cryptography is not only actively studied in leading universities as part of their regular curriculum, but it is also widely used in our everyday ...
Full text