unaf a special set of additive differences with
play

UNAF: A Special Set of Additive Differences with Application to the - PowerPoint PPT Presentation

Feb 26, 2024 •24 likes •444 views

Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: A Special Set of Additive Differences with Application to the Differential Analysis of ARX V. Velichkov N. Mouha C. De Cannire B. Preneel COSIC, KU Leuven; IBBT FSE

  1. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: A Special Set of Additive Differences with Application to the Differential Analysis of ARX V. Velichkov N. Mouha C. De Cannière B. Preneel COSIC, KU Leuven; IBBT FSE 2012, March 19-21, Washington DC, USA Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 1 / 24

  2. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF Differences Cluster Multiple Characteristics ∆ + x ∆ U x ∆ U ∆ + 1 1 ∆ U ∆ + 2 2 = ⇒ ∆ U ∆ + 3 3 ∆ U ∆ + 4 4 ∆ U y ∆ + y Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 2 / 24

  3. Introduction The UNAF Framework Salsa20 Applications Conclusions Applications of UNAF Differences Improved estimations of probabilities of differentials through ARX. New (better ? ) attacks. Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 3 / 24

  4. Introduction The UNAF Framework Salsa20 Applications Conclusions Differential Cryptanalysis [Biham and Shamir,1991] P ∆ P = P ⊕ P P ′ ′ round round X 1 ∆ X 1 X ′ 1 round round X 2 ∆ X 2 X ′ 2 round round C ∆ C = C ⊕ C C ′ ′ Pr (∆ P → ∆ C ) =? Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 4 / 24

  5. Introduction The UNAF Framework Salsa20 Applications Conclusions Addition, Rotation, XOR (ARX) P Addition ( ⊞ ) : confusion Rotation ( ≪ ) : diffusion within a word ARX XOR ( ⊕ ): diffusion between words C SHA-1 FEAL MD4 TEA Skein RC2 MD5 RC5 SHA-2 Salsa20 BLAKE 1987 1990 1994 2001 2006 2008 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 5 / 24

  6. Introduction The UNAF Framework Salsa20 Applications Conclusions Types of Differences Additive difference ∆ + Definition ′ − X . ∆ + X = X Example = X ′ 1000 2 = X − 0101 2 = ∆ + X 0011 2 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 6 / 24

  7. Introduction The UNAF Framework Salsa20 Applications Conclusions Types of Differences XOR difference ∆ ⊕ Definition ′ ⊕ X . ∆ ⊕ X = X Example = X ′ 1000 2 = X ⊕ 0101 2 = ∆ ⊕ X 1101 2 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 6 / 24

  8. Introduction The UNAF Framework Salsa20 Applications Conclusions Types of Differences BSD (Binary-Signed Digit) Difference ∆ ± Definition ∆ ± X : ∆ ± X [ i ] = ( X ′ [ i ] − X [ i ]) ∈ { 1 , 0 , 1 } , 0 ≤ i < n . Example = X ′ 1000 2 = X − 0101 2 = ∆ ± X 1101 2 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 6 / 24

  9. Introduction The UNAF Framework Salsa20 Applications Conclusions Types of Differences NAF (Non-Adjacent Form) Difference ∆ N Definition A NAF is a special BSD diff. s.t. no two consecutive bits are non-zero: (∆ N X [ i ] � = 0 ) ∧ (∆ N X [ i + 1 ] � = 0 ) , ∄ i : 0 ≤ i < n − 1 . Example � + 1 · 2 3 − 1 · 2 2 − 1 · 2 0 = 1101 2 = ∆ ± X , ∆ + X = 3 = + 1 · 2 2 − 1 · 2 0 = 0101 2 = ∆ N X . Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 6 / 24

  10. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF (Unsigned NAF) Difference Definition ∆ U X = { ∆ + a : | ∆ N a | = | ∆ N X |} . Example ∆ U X = 5 = ⇒ ∆ U X = { 3 , 13 , 5 , 11 } .  3 = + 1 · 2 2 − 1 · 2 0 ( mod 2 4 ) = 010 ¯ 1    13 = − 1 · 2 2 + 1 · 2 0 ( mod 2 4 ) = 0 ¯  101 ∆ U X = 5 =  = 0101 . 5 = + 1 · 2 2 + 1 · 2 0 ( mod 2 4 ) = 0101    11 = − 1 · 2 2 − 1 · 2 0 ( mod 2 4 ) = 0 ¯ 10 ¯  1  Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 7 / 24

  11. Introduction The UNAF Framework Salsa20 Applications Conclusions The Additive Differential Probability of XOR ( adp ⊕ ) a 1 b 1 ∆ + a + a 1 ∆ + b + b 1 c 1 ∆ + c + c 1 ((∆ + a + a 1 ) ⊕ (∆ + b + b 1 )) − ( a 1 ⊕ b 1 ) = ∆ + c . Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 8 / 24

  12. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 5 1 10 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

  13. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 1 → 6 ) = 0 . 15625 5 1 10 6 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

  14. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 10 ) = 0 . 15625 15 5 1 10 6 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

  15. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 6 ) = 0 . 15625 15 5 1 10 6 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

  16. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 6 ) = 0 . 15625 11 15 adp ⊕ ( 11 , 1 → 10 ) = 0 . 15625 1 5 10 6 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

  17. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 6 ) = 0 . 15625 11 15 adp ⊕ ( 11 , 1 → 10 ) = 0 . 15625 1 adp ⊕ ( 11 , 1 → 5 6 ) = 0 . 15625 10 6 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

  18. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 6 ) = 0 . 15625 11 15 adp ⊕ ( 11 , 1 → 10 ) = 0 . 15625 5 1 adp ⊕ ( 11 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 11 , 15 → 10 ) = 0 . 15625 10 6 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

  19. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 6 ) = 0 . 15625 11 15 adp ⊕ ( 11 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 11 , 1 → 5 1 6 ) = 0 . 15625 adp ⊕ ( 11 , 15 → 10 ) = 0 . 15625 adp ⊕ ( 11 , 15 → 6 ) = 0 . 15625 10 6 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

  20. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 10 ) = 0 . 15625 3 adp ⊕ ( 5 , 15 → 6 ) = 0 . 15625 11 15 adp ⊕ ( 11 , 1 → 10 ) = 0 . 15625 1 5 adp ⊕ ( 11 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 11 , 15 → 10 ) = 0 . 15625 adp ⊕ ( 11 , 15 → 6 ) = 0 . 15625 adp ⊕ ( 3 , 1 → 10 ) = 0 . 09375 10 6 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

  21. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 10 ) = 0 . 15625 3 adp ⊕ ( 5 , 15 → 6 ) = 0 . 15625 11 15 adp ⊕ ( 11 , 1 → 10 ) = 0 . 15625 1 adp ⊕ ( 11 , 1 → 5 6 ) = 0 . 15625 adp ⊕ ( 11 , 15 → 10 ) = 0 . 15625 adp ⊕ ( 11 , 15 → 6 ) = 0 . 15625 adp ⊕ ( 3 , 1 → 10 ) = 0 . 09375 adp ⊕ ( 3 , 1 → 6 ) = 0 . 09375 10 6 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

  22. Introduction The UNAF Framework Salsa20 Applications Conclusions UNAF: Clustering of Differentials adp ⊕ ( 5 , 1 → 10 ) = 0 . 15625 adp ⊕ ( 5 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 5 , 15 → 10 ) = 0 . 15625 3 adp ⊕ ( 5 , 15 → 6 ) = 0 . 15625 15 11 adp ⊕ ( 11 , 1 → 10 ) = 0 . 15625 5 1 adp ⊕ ( 11 , 1 → 6 ) = 0 . 15625 adp ⊕ ( 11 , 15 → 10 ) = 0 . 15625 adp ⊕ ( 11 , 15 → 6 ) = 0 . 15625 adp ⊕ ( 3 , 1 → 10 ) = 0 . 09375 adp ⊕ ( 3 , 1 → 6 ) = 0 . 09375 adp ⊕ ( 3 , 15 → 10 ) = 0 . 09375 10 6 Velichkov et al. (KU Leuven) UNAF: A Special Set of Additive Differences FSE 2012 9 / 24

Recommend

6. Individual Differences Differences: Big Questions Are some differences changeable and

6. Individual Differences Differences: Big Questions Are some differences changeable and

6. Individual Differences Differences: Big Questions Are some differences changeable and how much? What effect does community and environment play? What can teachers do to accommodate differences? 6.1 The Nature-Nurture

742 views • 52 slides
Impact of Additive Use of Olmesartan in Patients With Chronic Heart Failure: The Supplemental

Impact of Additive Use of Olmesartan in Patients With Chronic Heart Failure: The Supplemental

AHA Scientific Sessions 2014. Clinical Science: Special Reports CS.03 Management of Cardiovascular Disease November 17, 2014, McCormick Place. Chicago, IL. Impact of Additive Use of Olmesartan in Patients With Chronic Heart Failure: The

347 views • 19 slides
Generalized Additive Models September 10, 2019 Generalized Additive Models September 10, 2019 1

Generalized Additive Models September 10, 2019 Generalized Additive Models September 10, 2019 1

Generalized Additive Models September 10, 2019 Generalized Additive Models September 10, 2019 1 / 43 Motto My nature is to be linear, and when Im not, I feel really proud of myself. Cynthia Weil a songwriter Generalized Additive

786 views • 39 slides
Which Material Design Is Commonsense . . . Possible Under Additive Commonsense . . . How

Which Material Design Is Commonsense . . . Possible Under Additive Commonsense . . . How

Additive . . . It Is Important to . . . How Complexity Is . . . Open Problem Which Material Design Is Commonsense . . . Possible Under Additive Commonsense . . . How Accurate Is Any . . . Manufacturing: How to Combine . . . Our Result A

370 views • 16 slides
Additive Decompositions in Primitive Extensions Hao Du Key Laboratory for Mathematics

Additive Decompositions in Primitive Extensions Hao Du Key Laboratory for Mathematics

Additive Decompositions in Primitive Extensions Hao Du Key Laboratory for Mathematics Mechanization AMSS, Chinese Academy of Sciences Joint work with Shaoshi Chen and Ziming Li ISSAC18, July 1619, New York, 2018 Outline Additive

713 views • 34 slides
Lattice and Non-Lattice Markov Additive Models Jevgenijs Ivanovs, Guy Latouche and Peter Taylor

Lattice and Non-Lattice Markov Additive Models Jevgenijs Ivanovs, Guy Latouche and Peter Taylor

Lattice and Non-Lattice Markov Additive Models Jevgenijs Ivanovs, Guy Latouche and Peter Taylor Univerity of Lausanne, Universit Libre de Bruxelles, University of Melbourne June 30, 2016 Slide 1 Markov Additive Processes A Markov additive

382 views • 11 slides
IDENTIFY THE VALUE IN AN ENTERPRISE-WIDE DEPLOYMENT OF ADDITIVE MANUFACTURING PROCESS

IDENTIFY THE VALUE IN AN ENTERPRISE-WIDE DEPLOYMENT OF ADDITIVE MANUFACTURING PROCESS

IDENTIFY THE VALUE IN AN ENTERPRISE-WIDE DEPLOYMENT OF ADDITIVE MANUFACTURING PROCESS INDUSTRIES Chris Krampitz, P.E. Stratasys Consulting Principal Consultant - Americas 1 OBJECTIVES Identify industry challenges addressed by Additive

605 views • 31 slides
3D Printing, Additive Manufacturing, and Solid Freeform Fabrication: The Technologies of the

3D Printing, Additive Manufacturing, and Solid Freeform Fabrication: The Technologies of the

NSF Additive Manufacturing Workshop 3D Printing, Additive Manufacturing, and Solid Freeform Fabrication: The Technologies of the Past, Present and Future Joseph J Beaman Department of Mechanical Engineering The University of Texas

741 views • 43 slides
Designing for differences Dan Smith 2 Designing for Differences - Goals Be familiar with

Designing for differences Dan Smith 2 Designing for Differences - Goals Be familiar with

1 Designing for differences Dan Smith 2 Designing for Differences - Goals Be familiar with the issues that affect usability and interaction for different individual and groups of people Know the basic tools for designing interactive

525 views • 26 slides
Non-additive measures and integrals Vicen c Torra March, 2014 IIIA-CSIC (joint work with

Non-additive measures and integrals Vicen c Torra March, 2014 IIIA-CSIC (joint work with

LiU 2014 Non-additive measures and integrals Vicen c Torra March, 2014 IIIA-CSIC (joint work with Yasuo Narukawa and Michio Sugeno) Motivation Outline A short motivation Topic. Non-additive measures A generalization of additive

1.49k views • 111 slides
432 This slide shows various possibilities in which etching can be done. We would look at the

432 This slide shows various possibilities in which etching can be done. We would look at the

VLSI chips are made by a sequence of additive and subtractive techniques. We had seen several additive processes like oxidation, thin film deposition and ion implantation. Many of these processes cannot be done selectively in some areas. There are

719 views • 24 slides
Learning Additive Noise Channels: Generalization Bounds and Algorithms Nir Weinberger

Learning Additive Noise Channels: Generalization Bounds and Algorithms Nir Weinberger

Learning Additive Noise Channels: Generalization Bounds and Algorithms Nir Weinberger Massachusetts Institute of Technology, MA, USA IEEE International Symposium on Information Theory June 2020 1/22 In an nutshell An additive noise channel

1.14k views • 91 slides
Special Needs Planning Cox Law Group, Inc Cynthia Cox, Esq. cynthia@coxlawgroupinc.com

Special Needs Planning Cox Law Group, Inc Cynthia Cox, Esq. cynthia@coxlawgroupinc.com

Special Needs Planning Cox Law Group, Inc Cynthia Cox, Esq. cynthia@coxlawgroupinc.com 310-798-6150 23326 Hawthorne Boulevard Suite 390 Torrance, California 90505 Course Goals: - Identify and understand the differences between first party,

564 views • 53 slides
Differences-in-Differences Estimator: Example Card and Krueger (1994) Example : Card D. and

Differences-in-Differences Estimator: Example Card and Krueger (1994) Example : Card D. and

Differences-in-Differences Estimator: Example Card and Krueger (1994) Example : Card D. and Krueger A. (1994) Minimum Wages and Employment: A Case Study of the Fast-Food Industry in New Jersey and Pennsylvania, American Economic Review,

1.71k views • 78 slides
Additive Manufacturing Turning Mind into Matter Neal de Beer (Ph.D) Overview Introduction to

Additive Manufacturing Turning Mind into Matter Neal de Beer (Ph.D) Overview Introduction to

Additive Manufacturing Turning Mind into Matter Neal de Beer (Ph.D) Overview Introduction to Additive Manufacturing Applications for AM Current trends Conclusions and future trends Introduction to Additive Manufacturing Basics

854 views • 46 slides
Additive Manufacturing for Biomedical Applications Kenny Dalgarno School of Mechanical and

Additive Manufacturing for Biomedical Applications Kenny Dalgarno School of Mechanical and

Additive Manufacturing for Biomedical Applications Kenny Dalgarno School of Mechanical and Systems Engineering Newcastle University Overview Why is additive manufacture interesting for medical applications? A (very brief) history of

244 views • 21 slides
Metal Additive Technology 101 Technology Choices and Applications Jeff Crandall Additive

Metal Additive Technology 101 Technology Choices and Applications Jeff Crandall Additive

Metal Additive Technology 101 Technology Choices and Applications Jeff Crandall Additive Manufacturing Research &amp; Applications Senior Engineer Connecticut Center for Advanced Technology Advanced Manufacturing Center PRESENTED BY Why

915 views • 49 slides
Ceramics session - Processes for additive manufacturing of large parts, State of the art, locks

Ceramics session - Processes for additive manufacturing of large parts, State of the art, locks

Ceramics session - Processes for additive manufacturing of large parts, State of the art, locks and design constraints. OLIVIER LARRE, ESTIA Thursday, June 4, 2020 The issue of the keynote Keywords the different additive manufacturing

631 views • 24 slides
Time Spent on Research with Undergraduate Students Gender Differences among Gender Differences

Time Spent on Research with Undergraduate Students Gender Differences among Gender Differences

Time Spent on Research with Undergraduate Students Gender Differences among Gender Differences among STEM Faculty Amber D. Lambert Amy K. Garver Allison BrckaLorenz Indiana University Antwione Haywood Center for Postsecondary Research

235 views • 12 slides
How companies can leverage Additive Manufacturing (AM) technologies for competitive

How companies can leverage Additive Manufacturing (AM) technologies for competitive

How companies can leverage Additive Manufacturing (AM) technologies for competitive advantage Matthew Waterhouse, CEO, 3D Metalforge PE COI, 4 th April 2017 4:10 pm 4:30 pm How can companies leverage Additive Manufacturing

911 views • 12 slides
A p -adically entire function with integral values on Q p and additive characters of perfectoid

A p -adically entire function with integral values on Q p and additive characters of perfectoid

A p -adically entire function with integral values on Q p and additive characters of perfectoid fields Francesco Baldassarri (Padova) Papeete, August 24, 2015 Outline A p -adic entire function Integrality of p Additive characters of

878 views • 50 slides
The Rise of Industrial 3D-Printing Additive World Conference, March 2017 About me Philip von

The Rise of Industrial 3D-Printing Additive World Conference, March 2017 About me Philip von

The Rise of Industrial 3D-Printing Additive World Conference, March 2017 About me Philip von Tell Focused on the business and investment aspects of 3D-Printing and Additive Manufacturing. Corporate development and buildup of

433 views • 15 slides
Generalized Additive Models David L Miller Overview What is a GAM? What is smoothing? How do

Generalized Additive Models David L Miller Overview What is a GAM? What is smoothing? How do

Generalized Additive Models David L Miller Overview What is a GAM? What is smoothing? How do GAMs work? ( Roughly ) Fitting and plotting simple models What is a GAM? Generalized Additive Models Generalized: many response distributions

977 views • 68 slides
Introduction to Additive Manufacturing (AM 101) 8 December 2015 Caroline Scheck Naval Surface

Introduction to Additive Manufacturing (AM 101) 8 December 2015 Caroline Scheck Naval Surface

Introduction to Additive Manufacturing (AM 101) 8 December 2015 Caroline Scheck Naval Surface Warfare Center, Carderock Division Distribution A. Approved for public release: distribution unlimited What is Additive Manufacturing? vs.

597 views • 20 slides

More recommend