Boosting differential-linear cryptanalysis of ChaCha7 with MILP

In this paper, we present an improved differential-linear cryptanalysis of the ChaCha stream cipher. Our main contributions are new differential-linear distinguishers that we were able to build thanks to the following improvements: a) we considered a larger search space, including 2-bit differences...

Bibliographic details
Main authors: Bellini, Emanuele; Gerault, David; Grados, Juan; Makarim, Rusydi H.; Peyrin, Thomas
Other authors: School of Physical and Mathematical Sciences
Format: Article
Language: English
Published: 2023
Online access: https://hdl.handle.net/10356/171650
Institution: Nanyang Technological University
id sg-ntu-dr.10356-171650
record_format dspace
spelling sg-ntu-dr.10356-171650 2023-11-06T15:35:22Z Boosting differential-linear cryptanalysis of ChaCha7 with MILP; Bellini, Emanuele; Gerault, David; Grados, Juan; Makarim, Rusydi H.; Peyrin, Thomas; School of Physical and Mathematical Sciences; Science::Mathematics; Cryptanalysis; Differential-Linear Attack
Published version 2023-11-02T03:47:03Z 2023-11-02T03:47:03Z 2023 Journal Article
Bellini, E., Gerault, D., Grados, J., Makarim, R. H. & Peyrin, T. (2023). Boosting differential-linear cryptanalysis of ChaCha7 with MILP. IACR Transactions On Symmetric Cryptology, 2023(2), 189-223. https://dx.doi.org/10.46586/tosc.v2023.i2.189-223
2519-173X https://hdl.handle.net/10356/171650 10.46586/tosc.v2023.i2.189-223 2-s2.0-85163025678 2 2023 189 223 en IACR Transactions on Symmetric Cryptology
© 2023 The Author(s). This work is licensed under a Creative Commons Attribution 4.0 International License. application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
content_provider NTU Library
collection DR-NTU
language English
topic Science::Mathematics
Cryptanalysis
Differential-Linear Attack
description In this paper, we present an improved differential-linear cryptanalysis of the ChaCha stream cipher. Our main contributions are new differential-linear distinguishers that we were able to build thanks to the following improvements: a) we considered a larger search space, including 2-bit differences (besides 1-bit differences) for the difference at the beginning of the differential part of the differential-linear trail; b) a better choice of mask between the differential and linear parts; c) a carefully crafted MILP tool that finds linear trails with higher correlation for the linear part. We eventually obtain a new distinguisher for ChaCha reduced to 7 rounds that requires $2^{166.89}$ computations, improving the previous record (ASIACRYPT 2022) by a factor of $2^{47}$. Also, we obtain a distinguisher for ChaCha reduced to 7.5 rounds that requires $2^{251.4}$ computations, being the first time of a distinguisher against ChaCha reduced to 7.5 rounds. Using our MILP tool, we also found a 5-round differential-linear distinguisher. When combined with the probabilistic neutral bits (PNB) framework, we obtain a key-recovery attack on ChaCha reduced to 7 rounds with a computational complexity of $2^{206.8}$, improving by a factor $2^{14.2}$ upon the recent result published at EUROCRYPT 2022.
author2 School of Physical and Mathematical Sciences
format Article
author Bellini, Emanuele
Gerault, David
Grados, Juan
Makarim, Rusydi H.
Peyrin, Thomas
author_sort Bellini, Emanuele
title Boosting differential-linear cryptanalysis of ChaCha7 with MILP
publishDate 2023
url https://hdl.handle.net/10356/171650
_version_ 1783955585554710528