Maximums of the additive differential probability of exclusive-or

Nicky Mouha, Nikolay Kolomeec, Danil Akhtiamov, Ivan Sutormin, Matvey Panferov, Kseniya Titova, Tatiana Bonich, Evgeniya Ishchukova, Natalia Tokareva, Bulat Zhantulikov

Результат исследования: Научные публикации в периодических изданияхстатьярецензирование

Аннотация

At FSE 2004, Lipmaa et al. studied the additive differential probability adp (α, β → γ) of exclusive-or where differences α, β, γ ∈ Fn2 are expressed using addition modulo 2n . This probability is used in the analysis of symmetric-key primitives that combine XOR and modular addition, such as the increas-ingly popular Addition-Rotation-XOR (ARX) constructions. The focus of this paper is on maximal differentials, which are helpful when constructing differential trails. We provide the missing proof for Theorem 3 of the FSE 2004 paper, which states that maxα,β adp (α, β → γ) = adp (0, γ → γ) for all γ. Furthermore, we prove that there always exist either two or eight distinct pairs α, β such that adp (α, β → γ) = adp (0, γ → γ), and we obtain recurrence formulas for calculating adp . To gain insight into the range of possible differential probabilities, we also study other properties such as the minimum value of adp (0, γ → γ), and we find all γ that satisfy this minimum value.

Язык оригиналаанглийский
Страницы (с-по)292-313
Число страниц22
ЖурналIACR Transactions on Symmetric Cryptology
Том2021
Номер выпуска2
DOI
СостояниеОпубликовано - 2021

Предметные области OECD FOS+WOS

  • 1.02 КОМПЬЮТЕРНЫЕ И ИНФОРМАЦИОННЫЕ НАУКИ
  • 1.01 МАТЕМАТИКА

Fingerprint

Подробные сведения о темах исследования «Maximums of the additive differential probability of exclusive-or». Вместе они формируют уникальный семантический отпечаток (fingerprint).

Цитировать