automatic search for linear trails of the speck family
play

Automatic Search for Linear Trails of the SPECK Family Yuan Yao 1 , - PowerPoint PPT Presentation

Jan 16, 2023 •109 likes •531 views

Introduction Linear Cryptanalysis Against SPECK An Implementation of Wallns Algorithm Summary Automatic Search for Linear Trails of the SPECK Family Yuan Yao 1 , 2 Bin Zhang 2 Wenling Wu 2 1 TCA Laboratory, Institute of Software, Chinese

  1. Introduction Linear Cryptanalysis Against SPECK An Implementation of Wallén’s Algorithm Summary Automatic Search for Linear Trails of the SPECK Family Yuan Yao 1 , 2 Bin Zhang 2 Wenling Wu 2 1 TCA Laboratory, Institute of Software, Chinese Academy of Sciences 2 University of Chinese Academy of Sciences Information Security Conference, 2015 Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  2. Introduction Linear Cryptanalysis Against SPECK An Implementation of Wallén’s Algorithm Summary Outline Introduction 1 Background Our Contribution Linear Cryptanalysis Against SPECK 2 Search Linear Trails Linear Distinguishers Key Recovery Attacks An Implementation of Wallén’s Algorithm 3 Summary 4 Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  3. Introduction Linear Cryptanalysis Against SPECK Background An Implementation of Wallén’s Algorithm Our Contribution Summary SPECK By NSA in 2013. Lightweight. Feistel-like. ARX. For software applications. Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  4. Introduction Linear Cryptanalysis Against SPECK Background An Implementation of Wallén’s Algorithm Our Contribution Summary Previous Work Differential Analysis by Alex Biryukov et. al. at CT-RSA 2014. Differential Analysis by Farzaneh Abed et. al. at FSE 2014. Differential Analysis by Alex Biryukov et. al. at FSE 2014. Differential Analysis by Itai Dinur at SAC 2014. Differential Fault Analysis by Harshal Tupsamudre et. al. at FDTC 2014. Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  5. Introduction Linear Cryptanalysis Against SPECK Background An Implementation of Wallén’s Algorithm Our Contribution Summary Previous Work Differential Analysis by Alex Biryukov et. al. at CT-RSA 2014. Differential Analysis by Farzaneh Abed et. al. at FSE 2014. Differential Analysis by Alex Biryukov et. al. at FSE 2014. Differential Analysis by Itai Dinur at SAC 2014. Differential Fault Analysis by Harshal Tupsamudre et. al. at FDTC 2014. Linear Cryptanalysis??? Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  6. Introduction Linear Cryptanalysis Against SPECK Background An Implementation of Wallén’s Algorithm Our Contribution Summary Our Contribution Linear cryptanalysis of SPECK. An implementation of Wallén’s algorithm. Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  7. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Basics Definition (Correlation) c X � 2Pr ( X = 0 ) − 1. Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  8. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Basics Definition (Correlation) c X � 2Pr ( X = 0 ) − 1. H 0 : c X = 0 ← → H 1 : c X � = 0 Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  9. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Basics Definition (Correlation) c X � 2Pr ( X = 0 ) − 1. H 0 : c X = 0 ← → H 1 : c X � = 0 Lemma (Piling-up Lemma) c X ⊕ Y = c X c Y . Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  10. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Basics Definitions (Inner Product) X · Y = � n − 1 i = 0 X i & Y i ∈ F 2 . Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  11. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Linear Approximation � S [ 0 ] r rounds encryption � S [ r ] Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  12. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Linear Approximation S [ 0 ] · � � Γ[ 0 ] r rounds encryption � S [ r ] · � Γ[ r ] � S [ 0 ] · � Γ[ 0 ] ⊕ � S [ r ] · � Γ[ r ] ∈ F 2 Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  13. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Linear Trail � S [ 0 ] · � Γ[ 0 ] � S [ 1 ] · � Γ[ 1 ] � S [ 0 ] · � Γ[ 0 ] ⊕ � S [ r ] · � Γ[ r ] � S [ 2 ] · � Γ[ 2 ] � . r − 1 . � � . S [ i ] · � � Γ[ i ] ⊕ � S [ i + 1 ] · � � Γ[ i + 1 ] S [ r − 1 ] · � � i = 0 Γ[ r − 1 ] � S [ r ] · � Γ[ r ] Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  14. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Linear Trail � S [ 0 ] · � Γ[ 0 ] � S [ 1 ] · � Γ[ 1 ] � S [ 0 ] · � Γ[ 0 ] ⊕ � S [ r ] · � Γ[ r ] � S [ 2 ] · � Γ[ 2 ] � . r − 1 . � � . S [ i ] · � � Γ[ i ] ⊕ � S [ i + 1 ] · � � Γ[ i + 1 ] S [ r − 1 ] · � � i = 0 Γ[ r − 1 ] � S [ r ] · � Γ[ r ] Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  15. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Matsui Search Proposed at EUROCRYPT 1994. Branch-and-bound: | B [ r − s ] ∏ s i = 1 c [ i ] | ≤ | B [ r ] | ∏ s i = 1 | c [ i ] | = s rounds ≤ | B [ r ] | | B [ r − s ] | ≥ r − s rounds Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  16. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Matsui Search Algorithm 1: function Search( B , T = {} ) r ← Sizeof( B ) − 1 , s ← Sizeof( T ) 2: if s = r then 3: ˆ B [ r ] ← ∏ r i = 1 c [ i ] 4: else 5: for T ′ in Extend( T ) do 6: if | B [ r − ( s + 1 )] ∏ s + 1 i = 1 c ′ [ i ] | > | ˆ B [ r ] | then 7: Search( B , T ′ ) 8: else 9: return 10: end if 11: end for 12: end if 13: 14: end function Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  17. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Round Function of SPECK � � S [ i ] L S [ i ] R ≫ ς ⊞ ⊕ � ≪ τ k [ i ] ⊕ � � S [ i + 1 ] L S [ i + 1 ] R Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  18. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Approximations of Primitives � � � Γ 1 Γ 1 Γ 1 � � Γ 3 Γ 3 ⊕ ≪ t � � � Γ 2 Γ 2 Γ 2 � Γ 1 ⊕ � Γ 2 ⊕ � Γ 3 = � � Γ 2 = � � Γ 1 = � Γ 2 = � Γ 1 ≪ t 0 Γ 3 Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  19. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Approximations of Primitives � � � Γ 1 Γ 1 Γ 1 � � Γ 3 Γ 3 ⊕ ≪ t � � � Γ 2 Γ 2 Γ 2 � Γ 1 ⊕ � Γ 2 ⊕ � � Γ 2 = � � Γ 1 = � Γ 2 = � Γ 3 = � Γ 1 ≪ t 0 Γ 3 Modulo Addition??? Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  20. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Approximations of Modulo Addition Definition w ) � c � c ( � u ,� v ,� Z 2 . u · ( � Z 1 ⊞ � v · � w · � Z 2 ) ⊕ � Z 1 ⊕ � � v � w ⊞ � u Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

  21. Introduction Search Linear Trails Linear Cryptanalysis Against SPECK Linear Distinguishers An Implementation of Wallén’s Algorithm Key Recovery Attacks Summary Linear Approximation Table Enumerate � u ,� v ,� w , calculate c ( � u ,� v ,� w ) , and sort. 2 3 n � 2 3 n � � � Time: O , Memory: O . Yuan Yao, Bin Zhang, Wenling Wu Automatic Search for Linear Trails of the SPECK Family

Recommend

ZARZAMORA CREEK LINEAR CREEKWAY TRAIL Public Meeting February 6, 2018 LINEAR CREEKWAY TRAILS

ZARZAMORA CREEK LINEAR CREEKWAY TRAIL Public Meeting February 6, 2018 LINEAR CREEKWAY TRAILS

ZARZAMORA CREEK LINEAR CREEKWAY TRAIL Public Meeting February 6, 2018 LINEAR CREEKWAY TRAILS PROJECT Howard Peak Greenway Trail System: City- wide trails network Trail network on the Westside Creeks to complement the Westside Creeks

306 views • 16 slides
Graeme McLean Project Manager The Future Trails to the Towns The Future Family Friendly

Graeme McLean Project Manager The Future Trails to the Towns The Future Family Friendly

Graeme McLean Project Manager The Future Trails to the Towns The Future Family Friendly Facilities Key Tourism Areas The Future Pushing boundaries.. The Future Promoting Sustainable Natural Trails The Future Promoting Scotland as a

792 views • 50 slides
Vat Phou and Champasaks trails Champasaks Highlights Archaeological trails Cultural

Vat Phou and Champasaks trails Champasaks Highlights Archaeological trails Cultural

Vat Phou and Champasaks trails Champasaks Highlights Archaeological trails Cultural trails Historical trails Natural trails Discover Vat Phou and Champasaks cultural and historic landscape by exploring thematjc trails 8 7 2 3 6

91 views • 6 slides
6. Searching Linear Search, Binary Search [Ottman/Widmayer, Kap. 3.2, Cormen et al, Kap. 2:

6. Searching Linear Search, Binary Search [Ottman/Widmayer, Kap. 3.2, Cormen et al, Kap. 2:

6. Searching Linear Search, Binary Search [Ottman/Widmayer, Kap. 3.2, Cormen et al, Kap. 2: Problems 2.1-3,2.2-3,2.3-5] 89 The Search Problem Provided A set of data sets telephone book, dictionary, symbol table Each dataset has a key k . Keys

490 views • 38 slides
Trails of the World Millions of outdoor enthusiasts exploring and sharing great trails and

Trails of the World Millions of outdoor enthusiasts exploring and sharing great trails and

Trails of the World Millions of outdoor enthusiasts exploring and sharing great trails and pictures .com 10M Trails Community 4M Users 10M Trails 4M Registered Users 17M Pictures & Videos 4M Trails 75 Activities 2M Trails 190

191 views • 6 slides
Automatic Speech Recognition (CS753) Automatic Speech Recognition (CS753) Lecture 19: Search,

Automatic Speech Recognition (CS753) Automatic Speech Recognition (CS753) Lecture 19: Search,

Automatic Speech Recognition (CS753) Automatic Speech Recognition (CS753) Lecture 19: Search, Decoding and La tu ices Instructor: Preethi Jyothi Mar 27, 2017 Recap: Static and Dynamic Networks Static network: Build compact decoding graph

350 views • 21 slides
Automatic Creation of Search Heuristics Stefan Edelkamp 1 Overview - Automatic Creation of

Automatic Creation of Search Heuristics Stefan Edelkamp 1 Overview - Automatic Creation of

Automatic Creation of Search Heuristics Stefan Edelkamp 1 Overview - Automatic Creation of Heuristics - Macro Problem Solving - Hierarchical A* and Voltortas Theorem - Pattern Databases - Disjoint Pattern Databases - Multiple, Bounded,

476 views • 29 slides
Trails and Networks: Loom; Going from Trails to Networks and Networks to Trails Mihovil

Trails and Networks: Loom; Going from Trails to Networks and Networks to Trails Mihovil

<Your Name> Trails and Networks: Loom; Going from Trails to Networks and Networks to Trails Mihovil Bartulovic mbartulovic@cmu.edu Dr. Kathleen M. Carley kathleen.carley@cs.cmu.edu Center for Computational Analysis of Social and

393 views • 18 slides
The Challenges of Non-linear Parameters and Variables in Automatic Loop Parallelisation Armin

The Challenges of Non-linear Parameters and Variables in Automatic Loop Parallelisation Armin

The Challenges of Non-linear Parameters and Variables in Automatic Loop Parallelisation Armin Grlinger December 2, 2009 Rigorosum Fakultt fr Informatik und Mathematik Universitt Passau Automatic Loop Parallelisation for (i=1;

505 views • 33 slides
Automatic Speech Recognition (CS753) Automatic Speech Recognition (CS753) Lecture 18: Search

Automatic Speech Recognition (CS753) Automatic Speech Recognition (CS753) Lecture 18: Search

Automatic Speech Recognition (CS753) Automatic Speech Recognition (CS753) Lecture 18: Search & Decoding (Part I) Instructor: Preethi Jyothi Mar 23, 2017 Recall ASR Decoding W = arg max Pr( O A | W ) Pr( W ) W " N 8 9 # 2 3

475 views • 24 slides
i n 1 i a 2 Binary search: ?? i i 0 Linear search: ?? Here

i n 1 i a 2 Binary search: ?? i i 0 Linear search: ?? Here

10/5/2016 Today Review of math essential to algorithm analysis Motivating example: binary vs linear search CSE373: Data Structures and Algorithms Logarithms and exponents Floor and ceiling functions Math Review Numbers

316 views • 6 slides
Linear Search int search(int[] list, int target, int n) { for (int i=1; i<=n; i++) if

Linear Search int search(int[] list, int target, int n) { for (int i=1; i<=n; i++) if

Linear Search int search(int[] list, int target, int n) { for (int i=1; i<=n; i++) if (target == list[i]) return i; return -1; } Order of growth for worst case? Lower Bound on Searching an Unordered List Prove we cant do any better

248 views • 11 slides
E-bikes and Trails: Measuring Impact and Acceptance of Class 1 E-bikes on Trails Presentation

E-bikes and Trails: Measuring Impact and Acceptance of Class 1 E-bikes on Trails Presentation

E-bikes and Trails: Measuring Impact and Acceptance of Class 1 E-bikes on Trails Presentation Overview Relevant legislation JCOS study design Current findings Decision on Class I on JCOS paved trails E-bike demo Discussion HB 17-1151

922 views • 32 slides
TALKING TRAILS BREAKFAST PRESENTED BY: CABOT TRAILS COMMITTEE & CENTRAL VERMONT REGIONAL

TALKING TRAILS BREAKFAST PRESENTED BY: CABOT TRAILS COMMITTEE & CENTRAL VERMONT REGIONAL

TALKING TRAILS BREAKFAST PRESENTED BY: CABOT TRAILS COMMITTEE & CENTRAL VERMONT REGIONAL PLANNING COMMISSION WELCOME Introductions Cabot Trails Committee Recreation Trails Planning Grant Review of Purpose and Needs

117 views • 10 slides
Binary Search Searching an Array 1 Linear Search Go through the array position by position

Binary Search Searching an Array 1 Linear Search Go through the array position by position

Binary Search Searching an Array 1 Linear Search Go through the array position by position until we find x int search(int x, int[] A, int n) //@requires n == \length(A); /*@ensures (\result == -1 && !is_in(x, A, 0, n)) || (0

830 views • 45 slides
Comparison of subdominant eigenvalues of some linear search schemes Alan Pryde 17/07/2012 1 .

Comparison of subdominant eigenvalues of some linear search schemes Alan Pryde 17/07/2012 1 .

Comparison of subdominant eigenvalues of some linear search schemes Alan Pryde 17/07/2012 1 . Linear Search Schemes Suppose we have a collection of n items B 1 , B 2 ,..., B n , such as files in a computer, ordered linearly from left to

241 views • 6 slides
TRAILHEAD NORTH The Ontario Trails Strategy and Trails Action Plan Presentation by Carol Oitment

TRAILHEAD NORTH The Ontario Trails Strategy and Trails Action Plan Presentation by Carol Oitment

TRAILHEAD NORTH The Ontario Trails Strategy and Trails Action Plan Presentation by Carol Oitment Ministry of Tourism, Culture and Sport (MTCS) April 20, 2016 OVERVIEW OF THE PRESENTATION The Provincial Context for Trails Research on the

454 views • 28 slides
Non-linear Dynamics Characterization from Wavelet Packet Transform for Automatic Recognition of

Non-linear Dynamics Characterization from Wavelet Packet Transform for Automatic Recognition of

Non-linear Dynamics Characterization from Wavelet Packet Transform for Automatic Recognition of Emotional Speech J.C. Vsquez-Correa 1 , J.R Orozco-Arroyave 1,2 , J.D Arias-Londoo 1 , J.F Vargas-Bonilla 1 , Elmar Nth 2 1 Faculty of

232 views • 22 slides
Todays Lecture: More on linear search Cell arrays Application of cell array:

Todays Lecture: More on linear search Cell arrays Application of cell array:

Previous Lecture: Characters arrays (type char ) Review top-down design Linear search Todays Lecture: More on linear search Cell arrays Application of cell array: input from (and output to) a text file

389 views • 22 slides
Differential Cryptanalysis of Round-Reduced Simon and Speck Farzaneh Abed Eik List Stefan Lucks

Differential Cryptanalysis of Round-Reduced Simon and Speck Farzaneh Abed Eik List Stefan Lucks

Differential Cryptanalysis of Round-Reduced Simon and Speck Farzaneh Abed Eik List Stefan Lucks Jakob Wenzel Bauhaus-Universitt Weimar FSE 2014 March 27, 2014 March 27, 2014 Agenda Motivation Simon and Speck Our Method Results

533 views • 31 slides
Communications Update Circuit Trails Coalition Semi-Annual Meeting May 2017 Quick Refresher

Communications Update Circuit Trails Coalition Semi-Annual Meeting May 2017 Quick Refresher

Communications Update Circuit Trails Coalition Semi-Annual Meeting May 2017 Quick Refresher Objectives Raise awareness of Circuit Trails vision Increase use of existing trails Drive support for trails among influencers,

322 views • 28 slides
Optimizing Implementations of Linear Layers Zejun Xiang, Xiangyong Zeng, Da Lin, Zhenzhen Bao,

Optimizing Implementations of Linear Layers Zejun Xiang, Xiangyong Zeng, Da Lin, Zhenzhen Bao,

Optimizing Implementations of Linear Layers Zejun Xiang, Xiangyong Zeng, Da Lin, Zhenzhen Bao, Shasha Zhang Nov. 09, 2020 Lightweight Cryptography -Requirements -Primitives : SIMON SPECK Circuit size PRESENT, RECTANGLE

646 views • 22 slides
Sharpness Search Algorithms for Automatic Focusing in the Scanning Electron Microscope C.F.

Sharpness Search Algorithms for Automatic Focusing in the Scanning Electron Microscope C.F.

Sharpness Search Algorithms for Automatic Focusing in the Scanning Electron Microscope C.F. Batten, D.M. Holburn, B.C. Breton, N.H.M. Caldwell Scientific Imaging Group Cambridge University Scanning May 7 th , 2001 Motivation There is a

287 views • 25 slides
Kids in Parks Designing Self-guided Trails that Get Kids in Parks Introducing TRACK Trails Kids

Kids in Parks Designing Self-guided Trails that Get Kids in Parks Introducing TRACK Trails Kids

Kids in Parks Designing Self-guided Trails that Get Kids in Parks Introducing TRACK Trails Kids in Parks provides a network of self-guided, brochure-led hiking trails designed for kids and their families called TRACK Trails. 1 st TRACK Trail

504 views • 13 slides

More recommend