Abstract
This paper introduces CLAASP, a Cryptographic Library for the Automated Analysis of Symmetric Primitives. The library is designed to be modular, extendable, easy to use, generic, efficient and fully automated. It is an extensive toolbox gathering state-of-the-art techniques aimed at simplifying the manual tasks of symmetric primitive designers and analysts. CLAASP is built on top of Sagemath and is open-source under the GPLv3 license.
The central input of CLAASP is the description of a cryptographic primitive as a list of connected components in the form of a directed acyclic graph. From this representation, the library can automatically: (1) generate the Python or C code of the primitive evaluation function, (2) execute a wide range of statistical and avalanche tests on the primitive, (3) generate SAT, SMT, CP and MILP models to search, for example, differential and linear trails, (4) measure algebraic properties of the primitive, (5) test neural-based distinguishers. We demonstrate that CLAASP can reproduce many of the results that were obtained in the literature and even produce new results.
In this work, we also present a comprehensive survey and comparison of other software libraries aiming at similar goals as CLAASP.
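As an added illustration of the DAG-of-components input model described above (example code written for this page, not CLAASP's own API): a toy Speck-like ARX round is described as connected components, each output is resolved from its inputs in dependency order, and a single-bit avalanche measurement of the kind item (2) refers to is run over it. The component names, the operation set, the 16-bit word size and the round structure are all assumptions made here.

```python
# Added example (not CLAASP's own API): a primitive as a DAG of components, plus an avalanche check.
import random
from dataclasses import dataclass, field
WORD, MASK = 16, (1 << 16) - 1        # word size of the toy ARX round (constructed here)
def rotl(x, r): return ((x << r) | (x >> (WORD - r))) & MASK

# Each component operation maps (input words, parameters) to one output word.
OPS = {"xor":    lambda a, p: a[0] ^ a[1],
       "modadd": lambda a, p: (a[0] + a[1]) & MASK,
       "rotl":   lambda a, p: rotl(a[0], p["amount"]),
       "rotr":   lambda a, p: rotl(a[0], WORD - p["amount"])}
@dataclass
class Component:
    id: str
    op: str
    inputs: list                      # ids of primitive inputs or of other components
    params: dict = field(default_factory=dict)

# Toy Speck-like round (constructed): nx = ((x >>> 7) + y) ^ k, ny = (y <<< 2) ^ nx
ROUND = [Component("r1", "rotr", ["x"], {"amount": 7}),
         Component("a1", "modadd", ["r1", "y"]),
         Component("nx", "xor", ["a1", "k"]),
         Component("r2", "rotl", ["y"], {"amount": 2}),
         Component("ny", "xor", ["r2", "nx"])]
OUTPUTS = ["nx", "ny"]

def evaluate(comps, outputs, inputs):
    """Resolve each output from its inputs; the DAG order is recovered lazily."""
    by_id, env, active = {c.id: c for c in comps}, dict(inputs), set()
    def val(name):
        if name not in env:
            if name in active: raise ValueError(f"cycle through {name}")
            active.add(name); c = by_id[name]
            env[name] = OPS[c.op]([val(i) for i in c.inputs], c.params)
        return env[name]
    return {o: val(o) for o in outputs}

def output_diff_weight(comps, outputs, inputs, var, bit):
    """Number of output bits that flip when bit `bit` of input `var` is flipped."""
    flipped = dict(inputs); flipped[var] ^= 1 << bit
    a, b = evaluate(comps, outputs, inputs), evaluate(comps, outputs, flipped)
    return sum(bin(a[o] ^ b[o]).count("1") for o in outputs)

def avalanche_fraction(comps, outputs, names, samples=100, seed=1):
    """Mean fraction of output bits flipped, over random inputs and every input bit."""
    rng, total = random.Random(seed), 0
    for _ in range(samples):
        inp = {n: rng.getrandbits(WORD) for n in names}
        total += sum(output_diff_weight(comps, outputs, inp, n, b) for n in names for b in range(WORD))
    return total / (samples * len(names) * WORD * len(outputs) * WORD)
```

A single round is far from the ideal avalanche value of 0.5; stacking more `ROUND`-style component lists and re-running `avalanche_fraction` shows how the fraction grows with the number of rounds.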
Notes
1. When possible, a word-oriented implementation is used, as opposed to the slower bit-oriented implementation needed for primitives with mixed types of components.
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this paper
Bellini, E. et al. (2024). CLAASP: A Cryptographic Library for the Automated Analysis of Symmetric Primitives. In: Carlet, C., Mandal, K., Rijmen, V. (eds) Selected Areas in Cryptography – SAC 2023. SAC 2023. Lecture Notes in Computer Science, vol 14201. Springer, Cham. https://doi.org/10.1007/978-3-031-53368-6_19
DOI: https://doi.org/10.1007/978-3-031-53368-6_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-53367-9
Online ISBN: 978-3-031-53368-6