Rotational cryptanalysis in the presence of constants

Tomer Ashur, Yunwen Liu

Research output: Contribution to journal › Article › Academic › peer-review


Abstract

Rotational cryptanalysis is a statistical method for attacking ARX constructions. It was previously shown that ARX-C, i.e., ARX with the injection of constants, can be used to implement any function. In this paper we investigate how rotational cryptanalysis is affected when constants are injected into the state. We introduce the notion of an RX-difference, generalizing the idea of a rotational difference. We show how RX-differences behave around modular addition, and give a formula to calculate their transition probability. We experimentally verify the formula using Speck32/64, and present a 7-round distinguisher based on RX-differences. We then discuss two types of constants: round constants, and constants which are the result of using a fixed key, and provide recommendations to designers for optimal choice of parameters.
Original language: English
Pages (from-to): 57-70
Number of pages: 14
Journal: IACR Transactions on Symmetric Cryptology
Volume: 2016
Issue number: 1
Publication status: Published - 1 Dec 2016
Externally published: Yes

Keywords

  • Rotational cryptanalysis
  • ARX
  • RX-difference
