[PDF][PDF] Status report on the second round of the NIST lightweight cryptography standardization process
Abstract The National Institute of Standards and Technology (NIST) initiated a public
standardization process to select one or more Authenticated Encryption with Associated …
standardization process to select one or more Authenticated Encryption with Associated …
Key guessing strategies for linear key-schedule algorithms in rectangle attacks
When generating quartets for the rectangle attacks on ciphers with linear key-schedule, we
find the right quartets which may suggest key candidates have to satisfy some nonlinear …
find the right quartets which may suggest key candidates have to satisfy some nonlinear …
Automated search oriented to key recovery on ciphers with linear key schedule: applications to boomerangs in SKINNY and ForkSkinny
L Qin, X Dong, X Wang, K Jia, Y Liu - IACR Transactions on Symmetric …, 2021 - tosc.iacr.org
Automatic modelling to search distinguishers with high probability covering as many rounds
as possible, such as MILP, SAT/SMT, CP models, has become a very popular cryptanalysis …
as possible, such as MILP, SAT/SMT, CP models, has become a very popular cryptanalysis …
Probabilistic extensions: a one-step framework for finding rectangle attacks and beyond
In differential-like attacks, the process typically involves extending a distinguisher forward
and backward with probability 1 for some rounds and recovering the key involved in the …
and backward with probability 1 for some rounds and recovering the key involved in the …
[KNYGA][B] Status report on the final round of the NIST lightweight cryptography standardization process
Abstract The National Institute of Standards and Technology (NIST) initiated a public
standardization process to select one or more schemes that provide Authenticated …
standardization process to select one or more schemes that provide Authenticated …
Improved differential meet-in-the-middle cryptanalysis
In this paper, we extend the applicability of differential meet-in-the-middle attacks, proposed
at Crypto 2023, to truncated differentials, and in addition, we introduce three new ideas to …
at Crypto 2023, to truncated differentials, and in addition, we introduce three new ideas to …
Optimizing rectangle and boomerang attacks: A unified and generic framework for key recovery
The rectangle attack has shown to be a very powerful form of cryptanalysis against block
ciphers. Given a rectangle distinguisher, one expects to mount key recovery attacks as …
ciphers. Given a rectangle distinguisher, one expects to mount key recovery attacks as …
Optimizing rectangle attacks: a unified and generic framework for key recovery
The rectangle attack has shown to be a very powerful form of cryptanalysis against block
ciphers. Given a rectangle distinguisher, one expects to mount key recovery attacks as …
ciphers. Given a rectangle distinguisher, one expects to mount key recovery attacks as …
Throwing boomerangs into Feistel structures: Application to CLEFIA, WARP, LBlock, LBlock-s and TWINE
H Hadipour, M Nageler… - IACR Transactions …, 2022 - moving-the-social.ub.rub.de
Automatic tools to search for boomerang distinguishers have seen significant advances over
the past few years. However, most previous work has focused on ciphers based on a …
the past few years. However, most previous work has focused on ciphers based on a …
Revisiting related-key boomerang attacks on AES using computer-aided tool
In recent years, several MILP models were introduced to search automatically for
boomerang distinguishers and boomerang attacks on block ciphers. However, they can only …
boomerang distinguishers and boomerang attacks on block ciphers. However, they can only …