A major open problem in block cipher cryptanalysis is discovery of new invariant properties of complex type. Recent papers show that this can be achieved for SCREAM, Midori64, MANTIS-4, T-310 or for DES with modified S-boxes. Until now such attacks are hard to find and seem to happen by some sort of incredible coincidence. In this paper we abstract the attack from any particular block cipher. We study these attacks in terms of transformations on multivariate polynomials. We shall demonstrate how numerous variables including key variables may sometimes be eliminated and at the end two very complex Boolean polynomials will become equal. We present a general construction of an attack where multiply all the polynomials lying on one or several cycles. Then under suitable conditions the non-linear functions involved will be eliminated totally. We obtain a periodic invariant property holding for any number of rounds. A major difficulty with invariant attacks is that they typically work only for some keys. In T-310 our attack works for any key and also in spite of the presence of round constants.
Cryptographic attacks are typically constructed by blackbox methods and combinations of simpler properties, for example in [Generalised] Linear Cryptanalysis. In this article we work with a more recent white-box algebraic-constructive methodology. Polynomial invariant attacks on a block cipher are constructed explicitly through the study of the space of Boolean polynomials which does not have a unique factorization and solving the so-called Fundamental Equation (FE). Some recent invariant attacks are quite symmetric and exhibit some sort of clear structure, or work only when the Boolean function is degenerate. As a proof of concept we construct an attack where a highly irregular product of 7 polynomials is an invariant for any number of rounds for T-310 under certain conditions on the long term key and for any key and any IV. A key feature of our attack is that it works for any Boolean function which satisfies a specific annihilation property. We evaluate very precisely the probability that our attack works when the Boolean function is chosen uniformly at random.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.