Analysis of Boomerang Differential Trails via a SAT-Based Constraint Solver URSA
Abstract
Obtaining differential patterns over many rounds of a cryptographic primitive often requires working on local differential trail analysis. In the case of boomerang and rectangle attacks, merging two short differential trails into one long differential pattern is required. It was previously shown by Murphy that caution should be exercised, as there is an increased chance of running into contradictions in the middle rounds of the primitive. In this paper, we propose the use of a SAT-based constraint solver URSA as an aid in the analysis of differential trails and find that previous rectangle/boomerang attacks on XTEA, SHACAL-1 and SM3 primitives are based on incompatible trails. Given the C specification of the cryptographic primitive, verifying differential trail portions requires minimal work on the side of the cryptanalyst.
Similar resources
A Hybrid BDD and SAT Finite Domain Constraint Solver
Finite-domain constraint solvers based on Binary Decision Diagrams (BDDs) are a powerful technique for solving constraint problems over finite set and integer variables represented as Boolean formulæ. Boolean Satisfiability (SAT) solvers are another form of constraint solver that operate on constraints on Boolean variables expressed in clausal form. Modern SAT solvers have highly optimized prop...
Proving Correctness of a KRK Chess Endgame Strategy by SAT-based Constraint Solving
Chess endgame strategies in a concise and intuitive way describe the rules the player should follow to ensure a win (or draw). Endgame strategies are useful for both computer and human players. Their correctness can be proved in several ways, and in this paper we present one of them: computer assisted proof based on reduction to propositional logic, more precisely to SAT. We focus on a strategy f...
Boomerang Attacks on BLAKE-32
We present high probability differential trails on 2 and 3 rounds of BLAKE-32. Using the trails we are able to launch boomerang attacks on up to 8 round-reduced keyed permutation of BLAKE-32. Also, we show that boomerangs can be used as distinguishers for hash/compression functions and present such distinguishers for the compression function of BLAKE-32 reduced to 7 rounds. Since our distinguis...
URSA: A System for Uniform Reduction to SAT
There are a huge number of problems, from various areas, being solved by reducing them to SAT. However, for many applications, translation into SAT is performed by specialized, problem-specific tools. In this paper we describe a new system for uniform solving of a wide class of problems by reducing them to SAT. The system uses a new specification language URSA that combines imperative and decla...
Universal Booleanization of Constraint Models
While the efficiency and scalability of modern SAT technology offers an intriguing alternative approach to constraint solving via translation to SAT, previous work has mostly focused on the translation of specific types of constraints, such as pseudo Boolean constraints, finite integer linear constraints, and constraints given as explicit listings of allowed tuples. By contrast, we present a tr...
Publication date: 2014