Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/162578
Title: Exploring differential-based distinguishers and forgeries for ascon
Authors: Gerault, David
Peyrin, Thomas
Tan, Quan Quan
Keywords: Science::Mathematics
Issue Date: 2021
Source: Gerault, D., Peyrin, T. & Tan, Q. Q. (2021). Exploring differential-based distinguishers and forgeries for ascon. IACR Transactions On Symmetric Cryptology, 2021(3), 102-136. https://dx.doi.org/10.46586/tosc.v2021.i3.102-136
Journal: IACR Transactions on Symmetric Cryptology
Abstract: Automated methods have become crucial components when searching for distinguishers against symmetric-key cryptographic primitives. While MILP and SAT solvers are among the most popular tools to model ciphers and perform cryptanalysis, other methods with different performance profiles are appearing. In this article, we explore the use of Constraint Programming (CP) for differential cryptanalysis on the Ascon authenticated encryption family (first choice of the CAESAR lightweight applications portfolio and current finalist of the NIST LWC competition) and its internal permutation. We first present a search methodology for finding differential characteristics for Ascon with CP, which can easily find the best differential characteristics already reported by the Ascon designers. This shows the capability of CP in generating easily good differential results compared to dedicated search heuristics. Based on our tool, we also parametrize the search strategies in CP to generate other differential characteristics with the goal of forming limited-birthday distinguishers for 4, 5, 6 and 7 rounds and rectangle attacks for 4 and 5 rounds of the Ascon internal permutation. We propose a categorization of the distinguishers into black-box and non-black-box to better differentiate them as they are often useful in different contexts. We also obtained limited-birthday distinguishers which represent currently the best known distinguishers for 4, 5 and 6 rounds under the category of non-black-box distinguishers. Leveraging again our tool, we have generated forgery attacks against both reduced-rounds Ascon-128 and Ascon-128A, improving over the best reported results at the time of writing. Finally, using the best differential characteristic we have found for 2 rounds, we could also improve a recent attack on round-reduced Ascon-HAsh.
URI: https://hdl.handle.net/10356/162578
ISSN: 2519-173X
DOI: 10.46586/tosc.v2021.i3.102-136
Rights: © 2021 David Gerault, Thomas Peyrin, Quan Quan Tan. This work is licensed under a Creative Commons Attribution 4.0 International License.
Fulltext Permission: open
Fulltext Availability: With Fulltext
Appears in Collections:SPMS Journal Articles

Files in This Item:
File Description SizeFormat 
document.pdf631.62 kBAdobe PDFView/Open

SCOPUSTM   
Citations 50

2
Updated on Nov 30, 2022

Web of ScienceTM
Citations 50

2
Updated on Nov 30, 2022

Page view(s)

6
Updated on Dec 3, 2022

Download(s)

3
Updated on Dec 3, 2022

Google ScholarTM

Check

Altmetric


Plumx

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.