generating graphs packed with paths
play

Generating Graphs Packed With Paths Philip Vejre 1 Mathias - PowerPoint PPT Presentation

Jul 04, 2023 •969 likes •1.6k views

Generating Graphs Packed With Paths Philip Vejre 1 Mathias Hall-Andersen 2 FSE 2019 1 DTU, Akamai Technologies 2 PLTC @ University of Copenhagen 1 Overview Motivation Linear Cryptanalysis & Graphs Subgraph Heuristics (for SPN) Plots &

  1. Generating Graphs Packed With Paths Philip Vejre 1 Mathias Hall-Andersen 2 FSE 2019 1 DTU, Akamai Technologies 2 PLTC @ University of Copenhagen 1

  2. Overview Motivation Linear Cryptanalysis & Graphs Subgraph Heuristics (for SPN) Plots & Results Future Work 2

  3. Motivation

  4. Differential and Linear Distinguishers [BS90] P x [ E k ( x ) + ∇ = E k ( x + ∆)] [Mat93] P x [ � α, x � = � β, E k ( x ) � ] 3

  5. Differential and Linear Distinguishers [BS90] P x [ E k ( x ) + ∇ = E k ( x + ∆)] [Mat93] P x [ � α, x � = � β, E k ( x ) � ] 3

  6. Differential and Linear Distinguishers [BS90] P x [ E k ( x ) + ∇ = E k ( x + ∆)] [Mat93] P x [ � α, x � = � β, E k ( x ) � ] 3

  7. Differential and Linear Distinguishers In this presentation, focus on linear cryptanalysis (differential largely analogous) [MY92], [Mat93] P x [ � α, x � = � β, E k ( x ) � ] 4

  8. Iterated Ciphers and Trails E k = E ( r ) k r ◦ . . . ◦ E (2) k 2 ◦ E (1) k 1 5

  9. Iterated Ciphers and Trails E k = E ( r ) k r ◦ . . . ◦ E (2) k 2 ◦ E (1) k 1 U = ( α = u 0 , . . . , u r = β ) 5

  10. Iterated Ciphers and Trails E k = E ( r ) k r ◦ . . . ◦ E (2) k 2 ◦ E (1) k 1 U = ( α = u 0 , . . . , u r = β ) ( u i , u i +1 ) ( i ) = 2 · P x ∈ F n [ � u i , x � = � u i +1 , E ( i ) C k i k i ( x ) � ] − 1 5

  11. Hull Correlation contribution for linear trail 1 : r C k � C k i U = ( u i , u i +1 ) ( i ) i =0 1 under ‘Markov cipher assumption’ 6

  12. Hull Correlation contribution for linear trail 1 : r C k � C k i U = ( u i , u i +1 ) ( i ) i =0 � C k C k α,β = U U :( u 0 , u r )=( α,β ) 1 under ‘Markov cipher assumption’ 6

  13. Hull; Expected Linear Potential For key-alternating ciphers (key-addition in the field): r U ) 2 = ( C U ) 2 = � ( u i , u i +1 ) ( i )) 2 ∀ k : ( C k ( C k i =0 7

  14. Hull; Expected Linear Potential For key-alternating ciphers (key-addition in the field): r U ) 2 = ( C U ) 2 = ∀ k : ( C k � ( C k ( u i , u i +1 ) ( i )) 2 i =0 E [( C α,β ) 2 ] ≈ � ( C k U ) 2 U :( u 0 , u r )=( α,β ) 7

  15. Hull; Expected Linear Potential For key-alternating ciphers (key-addition in the field): r U ) 2 = ( C U ) 2 = ∀ k : ( C k � ( C k ( u i , u i +1 ) ( i )) 2 i =0 E [( C α,β ) 2 ] ≈ � ( C k U ) 2 U ∈U , ( u 0 , u r )=( α,β ) 7

  16. Hull; Expected Linear Potential For key-alternating ciphers (key-addition in the field): r U ) 2 = ( C U ) 2 = ∀ k : ( C k � ( C k ( u i , u i +1 ) ( i )) 2 i =0 E [( C α,β ) 2 ] ≈ � ( C U ) 2 U ∈U , ( u 0 , u r )=( α,β ) Problem: Current methods usually linear in the number of trails 7

  17. Linear Cryptanalysis & Graphs

  18. Multistage Graph α 0 u 0 v 0 β 0 α 1 u 1 v 1 β 1 α 2 u 2 v 2 β 2 α 3 u 3 v 3 β 3 E (1) E (2) E (3) k 1 k 2 k 3 8

  19. Nodes and Parities α 0 u 0 v 0 β 0 α 1 u 1 v 1 β 1 α 2 u 2 v 2 β 2 α 3 u 3 v 3 β 3 E (1) E (2) E (3) k 1 k 2 k 3 Nodes α ∈ F n represent parities α ∗ for linear cryptanalysis: α ∗ : v �→ � v , α � 9

  20. Edges and Approximations α 0 u 0 v 0 β 0 α 1 u 1 v 1 β 1 α 2 u 2 v 2 β 2 α 3 u 3 v 3 β 3 E (1) E (2) E (3) k 1 k 2 k 3 l ( u → v ) = ( C k ( u , v ) ) 2 10

  21. Paths and Trails α 0 u 0 v 0 β 0 α 1 u 1 v 1 β 1 α 2 u 2 v 2 β 2 α 3 u 3 v 3 β 3 E (1) E (2) E (3) k 1 k 2 k 3 r − 1 � l ( v 0 � v r ) = l ( v i → v i +1 ) i =0 11

  22. Hulls as Sets of Paths α 0 u 0 v 0 β 0 α 1 u 1 v 1 β 1 α 2 u 2 v 2 β 2 α 3 u 3 v 3 β 3 E (1) E (2) E (3) k 1 k 2 k 3 � � w G E ( α β ) = l ( α � β ) = w G E ( α v ) · l ( v → β ) ♦ ♦ v 12

  23. Hulls as Sets of Paths α 0 u 0 v 0 β 0 α 1 u 1 v 1 β 1 α 2 u 2 v 2 β 2 α 3 u 3 v 3 β 3 E (1) E (2) E (3) k 1 k 2 k 3 � � w G E ( α β ) = l ( α � β ) = w G E ( α v ) · l ( v → β ) ♦ ♦ v 13

  24. Hulls as Sets of Paths α 0 u 0 v 0 β 0 α 1 u 1 v 1 β 1 α 2 u 2 v 2 β 2 α 3 u 3 v 3 β 3 E (1) E (2) E (3) k 1 k 2 k 3 � � w G E ( α β ) = l ( α � β ) = w G E ( α v ) · l ( v → β ) ♦ ♦ v 13

  25. Hulls as Sets of Paths α 0 u 0 v 0 β 0 α 1 u 1 v 1 β 1 α 2 u 2 v 2 β 2 α 3 u 3 v 3 β 3 E (1) E (2) E (3) k 1 k 2 k 3 � � w G E ( α β ) = l ( α � β ) = w G E ( α v ) · l ( v → β ) ♦ ♦ v 13

  26. Suitable Subgraphs The full graph G E is too large. (exponential in the block-size) 14

  27. Can we find suitable ¯ G E ⊂ G E , that contains the good trails? i.e. max α,β w ¯ G E ( α β ) is large. ♦ 15

  28. Subgraph Heuristics (for SPN)

  29. Overall Method 1. Pick disjoint ‘families’ of edges 16

  30. Overall Method 1. Pick disjoint ‘families’ of edges 2. Prune the families an ‘approximate’ graph 16

  31. Overall Method 1. Pick disjoint ‘families’ of edges 2. Prune the families an ‘approximate’ graph 3. Expand the families to a full graph 16

  32. Overall Method 1. Pick disjoint ‘families’ of edges 2. Prune the families an ‘approximate’ graph 3. Expand the families to a full graph 4. Remove unneeded vertices & edges in resulting graph 16

  33. Pruning Strip l ( v → u ) = 0 17

  34. Pruning Prune 18

  35. S-Box Patterns / Families of edges Example: 16-bit SPN, with four identical 4-bit S-Boxes. 19

  36. S-Box Patterns / Families of edges Example: 16-bit SPN, with four identical 4-bit S-Boxes. C 2 ( 0x3 , 0xd ) = 2 − 2 C 2 ( 0x7 , 0x4 ) = 2 − 2 19

  37. S-Box Patterns / Families of edges Example: 16-bit SPN, with four identical 4-bit S-Boxes. C 2 ( 0x3 , 0xd ) = 2 − 2 C 2 ( 0x7 , 0x4 ) = 2 − 2 p = (1 , 2 − 2 , 1 , 2 − 2 ) 19

  38. S-Box Patterns / Families of edges Example: 16-bit SPN, with four identical 4-bit S-Boxes. C 2 ( 0x3 , 0xd ) = 2 − 2 C 2 ( 0x7 , 0x4 ) = 2 − 2 p = (1 , 2 − 2 , 1 , 2 − 2 ) Ex( p ) = { ( 0x0303 , 0x0d0d ) , ( 0x0307 , 0x0d04 ) , ( 0x0703 , 0x040d ) , ( 0x0707 , 0x0404 ) } 19

  39. S-Box Patterns / Families of edges Ex( p ) = { ( 0x0303 , 0x0d0d ) , ( 0x0307 , 0x0d04 ) , ( 0x0703 , 0x040d ) , ( 0x0707 , 0x0404 ) } Ex in ( p ) = { 0x0303 , 0x0307 , 0x0703 , 0x0707 } Ex out ( p ) = { 0x0d0d , 0x0d04 , 0x040d , 0x0404 } 20

  40. Graph Defined By S-Box Pattern Set Given a set of S-Box patterns P , the graph defined by P : � E = Ex( P ) = Ex( p ) p ∈P V = Ex in ( P ) ∪ Ex out ( P ) 21

  41. Graph Defined By S-Box Pattern Set Let P be a set of S-Box patterns defining our subgraph. 22

  42. Graph Defined By S-Box Pattern Set Let P be a set of S-Box patterns defining our subgraph. For intermediate stages: v / ∈ Ex in ( P ) ∩ Ex out ( P ) = ⇒ v is pruned 22

  43. Graph Compression Problem: Ex( P ) too large to store explicitly ( | Ex( P ) | ≫ |P| ) 23

  44. Graph Compression Problem: Ex( P ) too large to store explicitly ( | Ex( P ) | ≫ |P| ) Idea: Can we prune P before expanding? 23

  45. Graph Compression Problem: Ex( P ) too large to store explicitly ( | Ex( P ) | ≫ |P| ) Idea: Can we prune P before expanding? Generate an approximation of ¯ G E = Ex( P ), by applying a compression function g j : F n → F n / j to every vertex. u → v ∈ ¯ g j ( ¯ G E = ⇒ ˆ g j ( u ) → ˆ g j ( v ) ∈ ˆ G E ) 23

  46. Graph Compression Iteratively refine the compression: 1. Generate a set of patterns P . 2. Pick a j > 1 such that j is a power of two: g j ( ¯ 2.1 Generate the graph ˆ G E ) from P and prune. g j ( ¯ 2.2 Remove dead patterns from P according to ˆ G E ). 2.3 If j = 2 then stop. Otherwise set j = j / 2 and repeat. 24

  47. Vertex Anchoring S 0 S 1 S 2 S 3 S 4 S 5 S 6 S 7 25

  48. Vertex Anchoring Pruned middle rounds S 0 S 1 S 2 S 3 S 4 S 5 S 6 S 7 26

  49. Vertex Anchoring Pruned middle rounds S 0 S 1 S 2 S 3 S 4 S 5 S 6 S 7 27

  50. Plots & Results

  51. https://gitlab.com/psve/cryptagraph 28

  52. Plots of subgraphs (for small parameters) 29

  53. PRESENT [BKL + 07] 30

  54. GIFT [BPP + 17] 31

Recommend

Graphs Readings: Section 28 Topics: Introduction to directed graphs Representing graphs Finding

Graphs Readings: Section 28 Topics: Introduction to directed graphs Representing graphs Finding

Graphs Readings: Section 28 Topics: Introduction to directed graphs Representing graphs Finding paths Termination Improving find-path Making find-path more efficient Intro Representation Paths v1 Termination Paths v2 Paths v3 1/45 16:

302 views • 15 slides
Graphs II - Shortest paths Single Source Shortest Paths All Sources Shortest Paths some drawings

Graphs II - Shortest paths Single Source Shortest Paths All Sources Shortest Paths some drawings

Graphs II - Shortest paths Single Source Shortest Paths All Sources Shortest Paths some drawings and notes from prof. Tom Cormen Single Source SP Context: directed graph G=(V ,E,w), weighted edges The shortest path (SP) between

881 views • 69 slides
"Interesting" Paths = Shortest Paths? "Interesting" Paths Shortest Paths!

"Interesting" Paths = Shortest Paths? "Interesting" Paths Shortest Paths!

WiSP : Weighted Shortest Paths for RDF graphs Gonzalo Tartari, Aidan Hogan DCC, Universidad de Chile "Interesting" Paths = Shortest Paths? "Interesting" Paths Shortest Paths! (Many of the) Existing Approaches Enumerate

783 views • 52 slides
Shortest Paths, and Dijkstras Algorithm: Overview Graphs with lengths/weights/costs on edges.

Shortest Paths, and Dijkstras Algorithm: Overview Graphs with lengths/weights/costs on edges.

Shortest Paths, and Dijkstras Algorithm: Overview Graphs with lengths/weights/costs on edges. Shortest paths in edge-weighted graphs Dijkstas classic algorithm for computing single-source shortest paths. Kousha Etessami (U. of Edinburgh,

716 views • 13 slides
Graphs-Introduction November 9, 2016 CMPE 250 Graphs-Introduction November 9, 2016 1 / 32

Graphs-Introduction November 9, 2016 CMPE 250 Graphs-Introduction November 9, 2016 1 / 32

Graphs-Introduction November 9, 2016 CMPE 250 Graphs-Introduction November 9, 2016 1 / 32 Graphs - Basic Concepts Basic definitions: vertices and edges More definitions: paths, simple paths, cycles, loops Connected and disconnected graphs

484 views • 32 slides
Advertisement! CSE 528 Computational Neuroscience now open to undergraduates How does the

Advertisement! CSE 528 Computational Neuroscience now open to undergraduates How does the

Last Course Topic: Graphs & Trees Motivation for Graphs Definition Directed and undirected graphs Representing Graphs Paths, Circuits, and Trees Famous Graph Problems Covered in Chapters 9 and 10 in the text (we will

279 views • 25 slides
Replacement Paths and k Simple Shortest Paths in Unweighted Directed Graphs Liam Roditty Uri

Replacement Paths and k Simple Shortest Paths in Unweighted Directed Graphs Liam Roditty Uri

Replacement Paths and k Simple Shortest Paths in Unweighted Directed Graphs Liam Roditty Uri Zwick IIT Madras November 2019 Mithun, Jayasurya (IIT Madras) Replacement Paths November 2019 1 / 32 Introduction and Motivation Suppose that we

1.31k views • 89 slides
Generating Paths through Cultural Heritage Collections Samuel Fernando, Paula Goodale, Paul

Generating Paths through Cultural Heritage Collections Samuel Fernando, Paula Goodale, Paul

Generating Paths through Cultural Heritage Collections Samuel Fernando, Paula Goodale, Paul Clough, Mark Stevenson, Mark Hall, Eneko Agirre LaTeCH 2013, ACL Workshop, Sofia, Bulgaria. Outline Paths through cultural heritage collections

314 views • 28 slides
Paths and Random Walks on Graphs Based on materials by

Paths and Random Walks on Graphs Based on materials by

Paths and Random Walks on Graphs Based on materials by Lala Adamic and Purnamrita Sarkar 1 Mo#va#on: Link predic#on in social networks 2 Mo#va#on:

393 views • 38 slides
Shortest Paths in Graphs CS16: Introduction to Data Structures & Algorithms Spring 2020

Shortest Paths in Graphs CS16: Introduction to Data Structures & Algorithms Spring 2020

Shortest Paths in Graphs CS16: Introduction to Data Structures & Algorithms Spring 2020 Outline Shortest Paths Breadth First Search Dijkstras Algorithm 2 What is a Shortest Path? Given weighted graph G (weights on

1.39k views • 63 slides
The Sigma Chromatic Number of Corona of Cycles or Paths with Complete Graphs Agnes D. Garciano 1

The Sigma Chromatic Number of Corona of Cycles or Paths with Complete Graphs Agnes D. Garciano 1

Preliminaries Corona Graphs C m K n and P m K n Main Results Open Problems References The Sigma Chromatic Number of Corona of Cycles or Paths with Complete Graphs Agnes D. Garciano 1 Reginaldo M. Marcelo 1 Maria Czarina T. Lagura 2

673 views • 52 slides
Data Structures in Java Lecture 17: Traversing Graphs. Shortest Paths. 10/18/2015 Daniel Bauer

Data Structures in Java Lecture 17: Traversing Graphs. Shortest Paths. 10/18/2015 Daniel Bauer

Data Structures in Java Lecture 17: Traversing Graphs. Shortest Paths. 10/18/2015 Daniel Bauer 1 Today: Graph Traversals Depth First Search (a generalization of pre-order traversal on trees to graphs, users a Stack) Breadth First

1.6k views • 134 slides
Planar graphs: multiple-source shortest paths, brick decomposition, and Steiner tree Philip

Planar graphs: multiple-source shortest paths, brick decomposition, and Steiner tree Philip

Planar graphs: multiple-source shortest paths, brick decomposition, and Steiner tree Philip Klein joint work with Glencora Borradaile and Claire Mathieu Program: For fundamental optimization problems on graphs, get better algorithm when

972 views • 63 slides
Graphs of Edge-Intersecting and Non-Splitting Paths A. Boyac B.U Istanbul T. Ekim B.U, Istanbul

Graphs of Edge-Intersecting and Non-Splitting Paths A. Boyac B.U Istanbul T. Ekim B.U, Istanbul

Graphs of Edge-Intersecting and Non-Splitting Paths A. Boyac B.U Istanbul T. Ekim B.U, Istanbul M. Shalom Tel-Hai College S. Zaks Technion M. Shalom-Sep 19, 2014 ICTCS 14 , Perugia EPT and EPG Graphs [1] Golumbic, M. C. & Jamison, R.

478 views • 25 slides
Locating median paths on connected outerplanar graphs Andrea Scozzari University of Rome La

Locating median paths on connected outerplanar graphs Andrea Scozzari University of Rome La

Locating median paths on connected outerplanar graphs Andrea Scozzari University of Rome La Sapienza andrea.scozzari@uniroma1.it co-authors: Isabella Lari 7th Cologne-Twente Workshop on Federica Ricca Graphs and Combinatorial Ronald

656 views • 39 slides
Paths in graphs Russell Impagliazzo and Miles Jones Thanks to Janine Tiefenbruck

Paths in graphs Russell Impagliazzo and Miles Jones Thanks to Janine Tiefenbruck

Paths in graphs Russell Impagliazzo and Miles Jones Thanks to Janine Tiefenbruck http://cseweb.ucsd.edu/classes/sp16/cse21-bd/ April 20, 2016 Die Hard with a vengeance https://youtu.be/5_MoNu9Mkm4 Path Sequence (v 0 , e 1 , v 1 , e 2 , v 2 ,

1.68k views • 119 slides
Graphs of Edge-Intersecting and Non-Splitting Paths A. Boyac B.U Istanbul T. Ekim B.U, Istanbul

Graphs of Edge-Intersecting and Non-Splitting Paths A. Boyac B.U Istanbul T. Ekim B.U, Istanbul

Graphs of Edge-Intersecting and Non-Splitting Paths A. Boyac B.U Istanbul T. Ekim B.U, Istanbul M. Shalom Tel-Hai College S. Zaks Technion M. Shalom-June 16, 2015 AGTAC 2015 EPT and EPG Graphs [1] Golumbic, M. C. & Jamison, R. E. (1985),

538 views • 31 slides
Partitioning 3-coloured complete graphs into three monochromatic paths Alexey Pokrovskiy London

Partitioning 3-coloured complete graphs into three monochromatic paths Alexey Pokrovskiy London

Partitioning 3-coloured complete graphs into three monochromatic paths Alexey Pokrovskiy London School of Economics and Political Sciences, a.pokrovskiy@lse.ac.uk August 29, 2011 Alexey Pokrovskiy (Freie) Covering Coloured Graphs by Cycles

288 views • 18 slides
Weighted Graphs weights on the edges of a graph represent distances, costs, etc. An

Weighted Graphs weights on the edges of a graph represent distances, costs, etc. An

S HORTEST P ATHS Weighted Digraphs Shortest paths 2704 1846 867 BOS ORD 187 740 JFK SFO 1464 802 337 1090 LAX 1235 1258 1121 DFW 2342 MIA Shortest Paths 1 Weighted Graphs weights on the edges of a graph represent

558 views • 24 slides
Fun and Games with Graphs CS200 - Graphs 1 8 7 7 5 9 S 5 15 6 8 9 11 Do Dijkstras

Fun and Games with Graphs CS200 - Graphs 1 8 7 7 5 9 S 5 15 6 8 9 11 Do Dijkstras

Fun and Games with Graphs CS200 - Graphs 1 8 7 7 5 9 S 5 15 6 8 9 11 Do Dijkstras Shortest Paths Algorithm, Source: S CS200 - Class Overview 2 8 7 7 5 9 S 5 15 6 8 9 11 Do Prims Minimum Spanning Tree Algorithm,

368 views • 26 slides
Monotone Paths in Dense Edge-Ordered Graphs Kevin G. Milans ( milans@math.wvu.edu ) West Virginia

Monotone Paths in Dense Edge-Ordered Graphs Kevin G. Milans ( milans@math.wvu.edu ) West Virginia

Monotone Paths in Dense Edge-Ordered Graphs Kevin G. Milans ( milans@math.wvu.edu ) West Virginia University AMS Spring Southeastern Sectional Meeting University of Georgia Athens, GA March 5, 2016 Monotone paths Let G be a graph whose

1.2k views • 91 slides
On some tractable constraints on paths in graphs and in proofs Nguyn L Thnh Dng cole

On some tractable constraints on paths in graphs and in proofs Nguyn L Thnh Dng cole

. . . . . . . . . . . . . . On some tractable constraints on paths in graphs and in proofs Nguyn L Thnh Dng cole normale suprieure de Paris & LIPN, Universit Paris Nord nltd@nguyentito.eu Cologne-Twente Workshop

495 views • 24 slides
Darwini: Generating realistic large- scale social graphs Dionysios Logothetis Cheng Wang Sergey

Darwini: Generating realistic large- scale social graphs Dionysios Logothetis Cheng Wang Sergey

Darwini: Generating realistic large- scale social graphs Dionysios Logothetis Cheng Wang Sergey Edunov Facebook University of Houston Facebook Avery Ching Maja Kabiljo Facebook Facebook Benchmark Graphs Benchmark to Social Graphs

579 views • 24 slides
Preferred Path Routing ( PPR ) Graphs Beyond Signaling Of Paths To Networks CNSM 2018

Preferred Path Routing ( PPR ) Graphs Beyond Signaling Of Paths To Networks CNSM 2018

Preferred Path Routing ( PPR ) Graphs Beyond Signaling Of Paths To Networks CNSM 2018 HIPNET workshop Toerless Eckert, Yingzhen Qu, Uma Chunduri Future Networks Santa Clara, California, USA {firstname.lastname}@huawei.com version

676 views • 20 slides

More recommend