
Differential-Linear Attack Framework Of Lightweight ARX-type Block Ciphers

Posted on: 2022-11-21
Degree: Master
Type: Thesis
Country: China
Candidate: F F Wang
GTID: 2518306776992749
Subject: Computer Software and Application of Computer
Abstract/Summary:
With the broad application of IoT technology, the security strength of encryption algorithms designed for resource-constrained devices, that is, lightweight encryption algorithms, has attracted more and more attention. ARX-type block ciphers are well suited to protecting information exchange in the Internet of Things because of their simple structure and convenient hardware and software implementation. Because of the particularity of the ARX-type structure, neither differential cryptanalysis nor linear cryptanalysis alone produces good results against ARX-type ciphers. However, among the best attack results on many ARX-type ciphers, differential-linear cryptanalysis ranks at the top. At CRYPTO 2020, Beierle et al. made several technical improvements to the differential-linear cryptanalysis of ARX-type cryptographic algorithms and proposed a new differential-linear cryptanalysis model, then applied it to the ARX-type algorithms Chaskey and ChaCha with fruitful attack results. In addition, automated analysis methods for cryptographic algorithms have matured in recent years, and the academic community has gradually deepened its understanding of the differential and linear properties of ARX-type algorithms. It is therefore of great significance to combine the new differential-linear analysis method with automated search technology. This paper aims to establish a general differential-linear attack framework for ARX-type cryptographic algorithms. The main contributions of the paper are as follows:

1. Compared with the classical differential-linear model, this paper points out that adding an intermediate experimental step allows the correlation of a differential-linear characteristic to be estimated more accurately, and provides a theoretical derivation with reference to the classical differential-linear cryptanalysis model. In addition, combined with automated cryptanalysis technology based on SAT/SMT, the differential-linear characteristic determined by experiment can be preceded by a high-probability differential route and followed by a high-probability linear approximation. In this way a differential-linear characteristic covering many rounds is finally constructed.

2. Through further research on modular difference, this paper introduces the concept of differential independent bits to reduce the contribution of the differential step to the data complexity of differential-linear attacks. When the probability of the differential characteristic is p, the generalized differential independent bit can reduce the overall complexity of the differential-linear cryptanalysis by a factor of p, while the narrow differential independent bit, that is, the weak differential independent bit, requires special processing but can finally also reduce the overall complexity of the differential-linear cryptanalysis by a factor of nearly p. This is a great improvement in the data complexity required to mount a differential-linear cryptanalysis.

3. For the intermediate experimental step inserted into the differential-linear cryptanalysis, after observing many existing optimal differential routes and linear approximations, we propose a strategy for finding differential-linear features based on statistics, which restricts the input difference and the output mask to unit bits. For a specific cryptographic algorithm, combined with parallel computing technology, it is possible to find qualified, stable differential-linear features and their correlations in a sufficiently complete sample space.

4. This paper constructs a differential-linear attack framework for lightweight ARX block ciphers and applies it to the lightweight block cipher SPECK32/64. As a result, 9-round and 10-round distinguishers are constructed, which are extended to 13-round and 14-round ciphers respectively. Among them, the 14-round key recovery attack is the best cryptanalysis result for SPECK32/64 so far, and this result also demonstrates the effectiveness of the framework.
Keywords/Search Tags:Lightweight, ARX-Type Ciphers, SAT, Differential-linear Attack, Differential independent bit
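
The intermediate experimental step in item 3, restricted to unit-bit input differences and unit-bit output masks, can be sketched for reduced-round SPECK32/64 as follows. This is an added example, not code from the thesis; the function names, bit numbering, sample counts and threshold are assumptions chosen here, and it omits the SAT/SMT search and the parallelisation the abstract mentions.

```python
import random

MASK16 = 0xFFFF

def ror(v, r): return ((v >> r) | (v << (16 - r))) & MASK16
def rol(v, r): return ((v << r) | (v >> (16 - r))) & MASK16

def speck_round(x, y, k):
    """One SPECK32 round: rotate right 7, modular add, key XOR, rotate left 2, XOR."""
    x = ((ror(x, 7) + y) & MASK16) ^ k
    y = rol(y, 2) ^ x
    return x, y

def expand_key(key_words, rounds=22):
    """SPECK32/64 key schedule; key_words = (l2, l1, l0, k0)."""
    l = list(reversed(key_words[:3]))
    ks = [key_words[3]]
    for i in range(rounds - 1):
        li, ki = speck_round(l[i], ks[i], i)  # the schedule reuses the round function
        l.append(li)
        ks.append(ki)
    return ks[:rounds]

def encrypt(pt, round_keys):
    x, y = pt
    for k in round_keys:
        x, y = speck_round(x, y, k)
    return x, y

def dl_correlation(in_bit, out_bit, rounds, samples=1 << 14, seed=1):
    """Empirical correlation of one output-difference bit for a one-bit input
    difference. Bits 0..15 index the right word y, bits 16..31 the left word x
    (numbering chosen for this example). Plaintexts and keys are random samples."""
    rng = random.Random(seed)
    dx, dy = (1 << in_bit) >> 16, (1 << in_bit) & MASK16
    total = 0
    for _ in range(samples):
        rk = expand_key([rng.getrandbits(16) for _ in range(4)], rounds)
        x, y = rng.getrandbits(16), rng.getrandbits(16)
        cx, cy = encrypt((x, y), rk)
        ex, ey = encrypt((x ^ dx, y ^ dy), rk)
        diff = ((cx ^ ex) << 16) | (cy ^ ey)
        total += 1 - 2 * ((diff >> out_bit) & 1)  # +1 if the bit is 0, -1 if it is 1
    return total / samples

def scan_unit_bits(rounds, threshold=0.25, samples=1 << 10):
    """Try all 32 x 32 unit-bit (difference, mask) pairs and keep the strong ones."""
    pairs = ((i, j, dl_correlation(i, j, rounds, samples)) for i in range(32) for j in range(32))
    return [(i, j, c) for i, j, c in pairs if abs(c) >= threshold]
```

A correlation near 0 means the pair is useless as a distinguisher at that round count; an estimate is only meaningful when its magnitude is well above 1/sqrt(samples).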