The Deoxys AEAD Family
We present the Deoxys family of authenticated encryption schemes, which consists of
Deoxys-I and Deoxys-II. Both are nonce-based authenticated encryption schemes with …
Key guessing strategies for linear key-schedule algorithms in rectangle attacks
When generating quartets for the rectangle attacks on ciphers with linear key-schedule, we
find the right quartets which may suggest key candidates have to satisfy some nonlinear …
Truncated boomerang attacks and application to AES-based ciphers
The boomerang attack is a cryptanalysis technique that combines two short differentials
instead of using a single long differential. It has been applied to many primitives, and results …
Automated search oriented to key recovery on ciphers with linear key schedule: applications to boomerangs in SKINNY and ForkSkinny
L Qin, X Dong, X Wang, K Jia, Y Liu - IACR Transactions on Symmetric …, 2021 - tosc.iacr.org
Automatic modelling to search distinguishers with high probability covering as many rounds
as possible, such as MILP, SAT/SMT, CP models, has become a very popular cryptanalysis …
Probabilistic extensions: a one-step framework for finding rectangle attacks and beyond
In differential-like attacks, the process typically involves extending a distinguisher forward
and backward with probability 1 for some rounds and recovering the key involved in the …
A generic algorithm for efficient key recovery in differential attacks–and its associated tool
Differential cryptanalysis is an old and powerful attack against block ciphers. While different
techniques have been introduced throughout the years to improve the complexity of this …
Optimizing rectangle and boomerang attacks: A unified and generic framework for key recovery
The rectangle attack has shown to be a very powerful form of cryptanalysis against block
ciphers. Given a rectangle distinguisher, one expects to mount key recovery attacks as …
Optimizing rectangle attacks: a unified and generic framework for key recovery
The rectangle attack has shown to be a very powerful form of cryptanalysis against block
ciphers. Given a rectangle distinguisher, one expects to mount key recovery attacks as …
Impossible Boomerang Attacks Revisited: Applications to Deoxys-BC, Joltik-BC and SKINNY
J Zhang, H Wang, D Tang - Cryptology ePrint Archive, 2024 - eprint.iacr.org
The impossible boomerang (IB) attack was first introduced by Lu in his doctoral thesis and
subsequently published at DCC in 2011. The IB attack is a variant of the impossible …
Automatic search of rectangle attacks on feistel ciphers: application to WARP
In this paper we present a boomerang analysis of WARP, a recently proposed Generalized
Feistel Network with extremely compact hardware implementations. We start by looking for …