Abstract
Mixed Integer Linear Programming (MILP) is a very common method of modelling differential and linear bounds. The Convex Hull (CH) modelling, introduced by Sun et al. (Eprint 2013/Asiacrypt 2014), is a popular method in this regard, which can convert the conditions corresponding to a small (4-bit) SBox to MILP constraints efficiently. Our analysis shows that there are SBoxes for which the CH modelling can be incorrect. The problem arises from the observation that although the CH is generated for a certain set of points, there can be points outside this set which also satisfy all the inequalities of the CH. As apparently no variant of the CH modelling can circumvent this problem, we propose a new modelling for differential and linear bounds. Our modelling makes use of every point of interest individually. Additionally, we also explore the possibility of using redundant constraints, such that the run time for an MILP solver can be reduced while keeping the optimal result unchanged. With our experiments on round-reduced GIFT-128, we show it is possible to reduce the run time by a few fold using a suitable choice of redundant constraints. We also present the optimal linear bounds for 11 and 12 rounds of GIFT-128, extending from the best-known result of 10 rounds.
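The abstract's concern is whether a set of linear inequalities admits exactly the (input difference, output difference) points of an SBox and nothing else. The following added example (not the paper's code or its modelling) builds those points from the DDT of the 4-bit GIFT SBox, writes one standard cube-excluding inequality per impossible point, and checks exactness by enumerating all 256 candidate 0/1 vectors; the SBox values are taken from the GIFT specification and the inequality form is a textbook construction, not the author's method.

```python
# Added illustration, not the paper's code: per-point exclusion
# inequalities for a 4-bit SBox, checked for exactness by enumeration.
from itertools import product

# 4-bit GIFT SBox (Banik et al.), used here as sample input.
GIFT_SBOX = [0x1, 0xA, 0x4, 0xC, 0x6, 0xF, 0x3, 0x9,
             0x2, 0xD, 0xB, 0x7, 0x5, 0x0, 0x8, 0xE]

def ddt(sbox):
    """Difference distribution table: ddt[dx][dy] = #x with S(x)^S(x^dx)=dy."""
    n = len(sbox)
    table = [[0] * n for _ in range(n)]
    for x in range(n):
        for dx in range(n):
            table[dx][sbox[x] ^ sbox[x ^ dx]] += 1
    return table

def to_bits(v, width=4):
    """MSB-first 0/1 tuple of v."""
    return tuple((v >> (width - 1 - i)) & 1 for i in range(width))

def valid_points(sbox):
    """8-bit vectors (din || dout) whose DDT entry is nonzero."""
    t = ddt(sbox)
    return {to_bits(dx) + to_bits(dy)
            for dx in range(16) for dy in range(16) if t[dx][dy] > 0}

def exclusion_inequality(point):
    """(coeffs, rhs) for sum(coeffs[i]*x_i) >= rhs; the left side plus
    sum(point) equals the Hamming distance to `point`, so the inequality
    is non-strict (MILP-friendly) and rejects exactly that one point."""
    coeffs = tuple(-1 if b else 1 for b in point)
    return coeffs, 1 - sum(point)

def pointwise_model(sbox):
    """One inequality per impossible (din, dout) point."""
    valid = valid_points(sbox)
    return [exclusion_inequality(p)
            for p in product((0, 1), repeat=8) if p not in valid]

def feasible_set(constraints):
    """All 0/1 vectors of length 8 satisfying every constraint."""
    return {x for x in product((0, 1), repeat=8)
            if all(sum(c * xi for c, xi in zip(coeffs, x)) >= rhs
                   for coeffs, rhs in constraints)}

def model_is_exact(sbox):
    """True iff the feasible set is precisely the valid point set."""
    return feasible_set(pointwise_model(sbox)) == valid_points(sbox)
```

The same `feasible_set` check, run on the inequalities of a convex hull instead of `pointwise_model`, is how one would detect the spurious points the abstract describes.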
Notes
- 1.
- 2.
- 3. The inequalities are not strict, i.e., they are of the type \(\le \) or \(\ge \) (but not of the type < or >). MILP solvers generally cannot handle strict inequalities, hence the inequalities representing the CH suit well for forming the constraints of MILP instances.
- 4.
- 5. Note that this assumption is practical: since the run time for higher rounds is significantly longer than for smaller rounds, the solutions for the smaller rounds are generally available.
References
Abdelkhalek, A., Sasaki, Y., Todo, Y., Tolba, M., Youssef, A.M.: MILP modeling for (large) S-boxes to optimize probability of differential characteristics. IACR Trans. Symmetric Cryptol. 2017(4), 99–129 (2017). https://doi.org/10.13154/tosc.v2017.i4.99-129
Baksi, A.: New insights on differential and linear bounds using mixed integer linear programming (full version). Cryptology ePrint Archive, Report 2020/1414 (2020). https://eprint.iacr.org/2020/1414
Banik, S., Pandey, S.K., Peyrin, T., Sasaki, Y., Sim, S.M., Todo, Y.: GIFT: a small PRESENT. Cryptology ePrint Archive, Report 2017/622 (2017). https://eprint.iacr.org/2017/622
de Berg, M., Cheong, O., van Kreveld, M., Overmars, M.: Computational Geometry. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-77974-2
Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. In: Menezes, A.J., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-38424-3_1
Bogdanov, A., et al.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_31
De Cannière, C.: Analysis and Design of Symmetric Encryption Algorithms. Ph.D. thesis, Katholieke Universiteit Leuven, Belgium (2007). https://www.esat.kuleuven.be/cosic/publications/thesis-139.pdf
Ji, F., Zhang, W., Ding, T.: Improving Matsui's search algorithm for the best differential/linear trails and its applications for DES, DESL and GIFT. Cryptology ePrint Archive, Report 2019/1190 (2019). https://eprint.iacr.org/2019/1190
Li, L., Wu, W., Zheng, Y., Zhang, L.: The relationship between the construction and solution of the MILP models and applications. Cryptology ePrint Archive, Report 2019/049 (2019). https://eprint.iacr.org/2019/049
Liu, Y., Liang, H., Li, M., Huang, L., Hu, K., Yang, C., Wang, M.: STP models of optimal differential and linear trail for S-box based ciphers. Cryptology ePrint Archive, Report 2019/025 (2019). https://eprint.iacr.org/2019/025
Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_33
Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu, C.-K., Yung, M., Lin, D. (eds.) Inscrypt 2011. LNCS, vol. 7537, pp. 57–76. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34704-7_5
Mount, D.M.: CMSC 754 - Computational Geometry (lecture notes) (2016). https://www.cs.umd.edu/class/fall2016/cmsc754/Lects/cmsc754-fall16-lects.pdf
Sasaki, Y., Todo, Y.: New algorithm for modeling S-box in MILP based differential and division trail search. In: Farshim, P., Simion, E. (eds.) SecITC 2017. LNCS, vol. 10543, pp. 150–165. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69284-5_11
Sasaki, Y., Todo, Y.: New impossible differential search tool from design and cryptanalysis aspects. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 185–215. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56617-7_7
Stinson, D.R.: Cryptography - Theory and Practice. Discrete Mathematics and its Applications Series. CRC Press (2006)
Sun, S., et al.: Towards finding the best characteristics of some bit-oriented block ciphers and automatic enumeration of (related-key) differential and linear characteristics with predefined properties. Cryptology ePrint Archive, Report 2014/747 (2014). https://eprint.iacr.org/2014/747
Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. Cryptology ePrint Archive, Report 2013/676 (2013). https://eprint.iacr.org/2013/676
Zhang, P., Zhang, W.: Differential cryptanalysis on block cipher SKINNY with MILP program. Security and Communication Networks 2018, 1–11 (2018). https://doi.org/10.1155/2018/3780407
Zhou, C., Zhang, W., Ding, T., Xiang, Z.: Improving the MILP-based security evaluation algorithm against differential/linear cryptanalysis using a divide-and-conquer approach. Cryptology ePrint Archive, Report 2019/019 (2019). https://eprint.iacr.org/2019/019
Zhu, B., Dong, X., Yu, H.: MILP-based differential attack on round-reduced GIFT. Cryptology ePrint Archive, Report 2018/390 (2018). https://eprint.iacr.org/2018/390
© 2021 Springer Nature Switzerland AG
Cite this paper
Baksi, A. (2021). New Insights on Differential and Linear Bounds Using Mixed Integer Linear Programming. In: Maimut, D., Oprina, AG., Sauveron, D. (eds) Innovative Security Solutions for Information Technology and Communications. SecITC 2020. Lecture Notes in Computer Science(), vol 12596. Springer, Cham. https://doi.org/10.1007/978-3-030-69255-1_4
DOI: https://doi.org/10.1007/978-3-030-69255-1_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-69254-4
Online ISBN: 978-3-030-69255-1