UNAF: a special set of additive differences with application to the differential analysis of ARX

Authors:
Vesselin Velichkov;Nicky Mouha;Christophe De Cannière;Bart Preneel
Affiliations:
Department of Electrical Engineering ESAT/SCD-COSIC, Katholieke Universiteit Leuven, Heverlee, Belgium,Interdisciplinary Institute for BroadBand Technology (IBBT), Belgium;Department of Electrical Engineering ESAT/SCD-COSIC, Katholieke Universiteit Leuven, Heverlee, Belgium,Interdisciplinary Institute for BroadBand Technology (IBBT), Belgium;Department of Electrical Engineering ESAT/SCD-COSIC, Katholieke Universiteit Leuven, Heverlee, Belgium,Interdisciplinary Institute for BroadBand Technology (IBBT), Belgium;Department of Electrical Engineering ESAT/SCD-COSIC, Katholieke Universiteit Leuven, Heverlee, Belgium,Interdisciplinary Institute for BroadBand Technology (IBBT), Belgium
Venue:
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Year:
2012

Citing 10
Cited 1

The Design of Rijndael

The Design of Rijndael
Efficient Algorithms for Computing Differential Properties of Addition

FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
On binary signed digit representations of integers

Designs, Codes and Cryptography
The Salsa20 Family of Stream Ciphers

New Stream Cipher Designs
New Features of Latin Dances: Analysis of Salsa, ChaCha, and Rumba

Fast Software Encryption
A new method for known plaintext attack of FEAL cipher

EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
Fast data encipherment algorithm FEAL

EUROCRYPT'87 Proceedings of the 6th annual international conference on Theory and application of cryptographic techniques
The differential analysis of S-functions

SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
The additive differential probability of ARX

FSE'11 Proceedings of the 18th international conference on Fast software encryption
Non-randomness in eSTREAM candidates salsa20 and TSC-4

INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India

Improved key recovery attacks on reduced-round salsa20 and chacha

ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Due to their fast performance in software, an increasing number of cryptographic primitives are constructed using the operations addition modulo 2n, bit rotation and XOR (ARX). However, the resistance of ARX-based ciphers against differential cryptanalysis is not well understood. In this paper, we propose a new tool for evaluating more accurately the probabilities of additive differentials over multiple rounds of a cryptographic primitive. First, we introduce a special set of additive differences, called UNAF (unsigned non-adjacent form) differences. Then, we show how to apply them to find good differential trails using an algorithm for the automatic search for differentials. Finally, we describe a key-recovery attack on stream cipher Salsa20 reduced to five rounds, based on UNAF differences.