Difference between revisions of "Gaetan Leurent"

From ESC2013
Jump to: navigation, search
(Created page with "'''Title''' "Differential Attacks against ARX Designs". '''Astract:''' In this talk, we study differential attacks against ARX schemes. We build upon the generalized chara...")
 
(Links)
 
Line 29: Line 29:
 
these are the first examples of complex differential trails built for
 
these are the first examples of complex differential trails built for
 
pure ARX designs.
 
pure ARX designs.
 +
 +
'''Links'''
 +
 +
[[Media:Leurent-ARXtools.pdf|slides]]
 +
 +
ARXtools homepage: [https://www.cryptolux.org/ARXtools mirror1] [http://www.di.ens.fr/~leurent/arxtools.html mirror2]

Latest revision as of 10:59, 16 January 2013

Title "Differential Attacks against ARX Designs".


Astract:

In this talk, we study differential attacks against ARX schemes. We build upon the generalized characteristics of de Canničre and Rechberger; we introduce new multi-bit constraints to describe differential characteristics in ARX designs more accurately, and quartet constraints to analyze boomerang attacks. We describe an efficient way to propagate multi-bit constraints, that allows us to use the complete set of 2^32 2.5-bit constraints.

We have developed a set of tools for this analysis of ARX primitives based on this set of constraints. We show that the new constraints are more precise than what was used in previous works, and can detect several cases of incompatibility. In particular, we show that several published attacks are in fact fact invalid because the differential characteristics cannot be satisfied. This highlights the importance of verifying differential attacks more thoroughly.

Moreover, we are able to build automatically complex non-linear differential characteristics for reduced versions of the hash function Skein. We describe several characteristics for use in various attack scenarios; this results in attacks with a relatively low complexity, in relatively strong settings. In particular, we show practical free-start and semi-free-start collision attacks for 20 rounds and 12 rounds of Skein-256, respectively. To the best of our knowledge, these are the first examples of complex differential trails built for pure ARX designs.

Links

slides

ARXtools homepage: mirror1 mirror2