Finding the impossible: automated search for full impossible-differential, zero-correlation, and integral attacks
Abstract Impossible differential (ID), zero-correlation (ZC), and integral attacks are a family of
important attacks on block ciphers. For example, the impossible differential attack was the …
important attacks on block ciphers. For example, the impossible differential attack was the …
Massive superpoly recovery with nested monomial predictions
Determining the exact algebraic structure or some partial information of the superpoly for a
given cube is a necessary step in the cube attack–a generic cryptanalytic technique for …
given cube is a necessary step in the cube attack–a generic cryptanalytic technique for …
Coefficient grouping: Breaking chaghri and more
We propose an efficient technique called coefficient grouping to evaluate the algebraic
degree of the FHE-friendly cipher Chaghri, which has been accepted for ACM CCS 2022. It …
degree of the FHE-friendly cipher Chaghri, which has been accepted for ACM CCS 2022. It …
Superball: a new approach for MILP modelings of Boolean functions
T Li, Y Sun - IACR Transactions on Symmetric Cryptology, 2022 - tosc.iacr.org
Abstract Mixed Integer Linear Programming (MILP) solver has become one of the most
powerful tools of searching for cryptographic characteristics. It has great significance to study …
powerful tools of searching for cryptographic characteristics. It has great significance to study …
Stretching cube attacks: improved methods to recover massive superpolies
Cube attacks exploit the algebraic properties of symmetric ciphers by recovering a special
polynomial, the superpoly, and subsequently the secret key. When the algebraic normal …
polynomial, the superpoly, and subsequently the secret key. When the algebraic normal …
Misuse-free key-recovery and distinguishing attacks on 7-round ascon
Being one of the winning algorithms of the CAESAR competition and currently a second
round candidate of the NIST lightweight cryptography standardization project, the …
round candidate of the NIST lightweight cryptography standardization project, the …
Integral cryptanalysis of WARP based on monomial prediction
H Hadipour, M Eichlseder - IACR Transactions on Symmetric …, 2022 - tosc.iacr.org
WARP is a 128-bit block cipher published by Banik et al. at SAC 2020 as a lightweight
alternative to AES. It is based on a generalized Feistel network and achieves the smallest …
alternative to AES. It is based on a generalized Feistel network and achieves the smallest …
Improved Search for Integral, Impossible Differential and Zero-Correlation Attacks: Application to Ascon, ForkSKINNY, SKINNY, MANTIS, PRESENT and QARMAv2
H Hadipour, S Gerhalter, S Sadeghi… - IACR Transactions on …, 2024 - tosc.iacr.org
Abstract Integral, impossible-differential (ID), and zero-correlation (ZC) attacks are three of
the most important attacks on block ciphers. However, manually finding these attacks can be …
the most important attacks on block ciphers. However, manually finding these attacks can be …
On the field-based division property: applications to MiMC, Feistel MiMC and GMiMC
Recent practical applications using advanced cryptographic protocols such as multi-party
computations (MPC) and zero-knowledge proofs (ZKP) have prompted a range of novel …
computations (MPC) and zero-knowledge proofs (ZKP) have prompted a range of novel …
Automatic search of cubes for attacking stream ciphers
Y Sun - IACR Transactions on Symmetric Cryptology, 2021 - tosc.iacr.org
Cube attack was proposed by Dinur and Shamir, and it has become an important tool for
analyzing stream ciphers. As the problem that how to recover the superpolys accurately was …
analyzing stream ciphers. As the problem that how to recover the superpolys accurately was …