TY - JOUR
T1 - The Exchange Attack and the Mixture Differential Attack Revisited
T2 - From the Perspective of Automatic Evaluation
AU - Qiao, Kexin
AU - Zhang, Zhiyu
AU - Niu, Zhongfeng
AU - Zhu, Liehuang
N1 - Publisher Copyright:
© 2015 Chinese Institute of Electronics.
PY - 2024/1/1
Y1 - 2024/1/1
N2 - Recent results show that the differential properties within quadruples boom as a new inspiration in cryptanalysis of Advanced Encryption Standard (AES)-like constructions. These methods include the exchange attack proposed in Asiacrypt'19, the mixture differential attack proposed in ToSC'18, etc., where the essential properties are obtained by manually scrutinizing the structures of the AES-like constructions. This paper presents a novel framework and an automatic tool based on mixed integer linear programming to search for mixture differential distinguishers for general constructions. This framework considers what equality patterns among quadruples can make a distinguisher and traces how the patterns propagate through cipher components with accurate probability estimation. With this tool, a 5-round AES distinguishing attack with lower complexity and more 6-round distinguishing attacks in the chosen plaintext scenarios are deduced. We prove that no exchange-type or mixture differential distinguisher exists for 7 and above rounds AES if the details of the Sbox and MixColumns matrix are not taken into account.
KW - Advanced Encryption Standard (AES)
KW - Automatic search
KW - Exchange attack
KW - Mixed integer linear programming
KW - Mixture differential cryptanalysis
UR - http://www.scopus.com/inward/record.url?scp=85184073113&partnerID=8YFLogxK
U2 - 10.23919/cje.2023.00.008
DO - 10.23919/cje.2023.00.008
M3 - Article
AN - SCOPUS:85184073113
SN - 1022-4653
VL - 33
SP - 19
EP - 29
JO - Chinese Journal of Electronics
JF - Chinese Journal of Electronics
IS - 1
ER -