|
Discrete Functions
On properties of additive differential probabilities of XOR
N. Mouhaa, N. A. Kolomeetsb, D. A. Ahtyamovc, I. A. Sutorminb, M. A. Panferovd, K. M. Titovad, T. A. Bonichd, E. A. Ishchukovae, N. N. Tokarevabdf, B. F. Zhantulikovd a Strativia
b Sobolev Institute of Mathematics, Siberian Branch of the Russian Academy of Sciences, Novosibirsk
c Hebrew University of Jerusalem
d Novosibirsk State University
e Southern Federal University, Rostov-on-Don
f JetBrains Research
Abstract:
The additive differential probability of exclusive-or $\mathrm{adp}^{\oplus}(\alpha, \beta, \gamma)$, where $\alpha, \beta, \gamma \in \mathbb{Z}_{2}^{n}$, is studied. It is used in the analysis of symmetric-key primitives that combine XOR and modular addition, such as Addition-Rotation-XOR (ARX) constructions. We focus on the maximal differentials which are helpful when constructing differential trails. It is proven that $\max_{\alpha, \beta} \mathrm{adp}^{\oplus}(\alpha,\beta,\gamma) = \mathrm{adp}^{\oplus}(0,\gamma,\gamma)$. In addition, there exist either $2$ or $8$ distinct pairs ($\alpha$, $\beta$) such that $\mathrm{adp}^{\oplus}(\alpha,\beta,\gamma) = \mathrm{adp}^{\oplus}(0,\gamma,\gamma)$. Also, we obtain a simplified representation of $\mathrm{adp}^{\oplus}(0,\gamma,\gamma)$ and formula for $\min_{\gamma}\mathrm{adp}^{\oplus}(0,\gamma,\gamma)$.
Keywords:
ARX, XOR, modular addition, differential cryptanalysis.
Citation:
N. Mouha, N. A. Kolomeets, D. A. Ahtyamov, I. A. Sutormin, M. A. Panferov, K. M. Titova, T. A. Bonich, E. A. Ishchukova, N. N. Tokareva, B. F. Zhantulikov, “On properties of additive differential probabilities of XOR”, Prikl. Diskr. Mat. Suppl., 2021, no. 14, 46–48
Linking options:
https://www.mathnet.ru/eng/pdma527 https://www.mathnet.ru/eng/pdma/y2021/i14/p46
|
Statistics & downloads: |
Abstract page: | 193 | Full-text PDF : | 164 | References: | 22 |
|