Abstract
Due to their fast performance in software, an increasing number of cryptographic primitives are constructed using the operations addition modulo 2^n, bit rotation and XOR (ARX). However, the resistance of ARX-based ciphers against differential cryptanalysis is not well understood. In this paper, we propose a new tool for evaluating more accurately the probabilities of additive differentials over multiple rounds of a cryptographic primitive. First, we introduce a special set of additive differences, called UNAF (unsigned non-adjacent form) differences. Then, we show how to apply them to find good differential trails using an algorithm for the automatic search for differentials. Finally, we describe a key-recovery attack on the stream cipher Salsa20 reduced to five rounds, based on UNAF differences.
Field | Value |
---|---|
Original language | English |
Title of host publication | Fast Software Encryption |
Editors | Anne Canteaut |
Place of Publication | Berlin, Heidelberg |
Publisher | Springer |
Pages | 287-305 |
Number of pages | 19 |
ISBN (Print) | 978-3-642-34047-5 |
DOIs | |
Publication status | Published - 2012 |
Event | 19th annual Fast Software Encryption workshop, Washington, United States; 19 Mar 2012 → 21 Mar 2012; http://fse2012.inria.fr/ |
Conference
Field | Value |
---|---|
Conference | 19th annual Fast Software Encryption workshop |
Abbreviated title | FSE 2012 |
Country/Territory | United States |
City | Washington |
Period | 19/03/12 → 21/03/12 |
Internet address | |