Research On Automatic Cryptanalysis Of Division Property Of Block Ciphers

Block ciphers play a critical role in information security,and their design is based on two fundamental principles: confusion and diffusion.The former is achieved by Sboxes,the latter by linear layers.Cryptanalysis is the opposite of design.There are many cryptanalysis methods for block ciphers,including differential,linear,and integral cryptanalysis.At Eurocrypt 2015,there was a breakthrough in integral cryptanalysis when Todo proposed the generalization of the integral property,known as the division property.Subsequently,the division property,combined with automatic search tools,has yielded significant results in the cryptanalysis of symmetric key algorithms,such as block ciphers,stream ciphers,and authenticated encryption algorithms.In this thesis,we focus on the automatic cryptanalysis of the division property of block ciphers,specifically by combining the division property with MILP to search for integral distinguishers of ciphers.The main contributions include two aspects:(1)Research on the automatic search techniques of division property about 8-bit Sbox.Firstly,an 8-bit Sbox division trail characterization method is proposed through a summary analysis of the point-set inequality characterization technique.Then,by combining this method with the theory of division property propagation of linear layers and Sbox combination perspectives,integral distinguishers for the SKINNY128 cipher and LBlock cipher are searched,resulting in the current optimal integral distinguishers for the corresponding ciphers.(2)Research on the automatic search techniques of division property about complex linear layers.Firstly,we analyze the various methods relationship between the number of inequalities required and the efficiency on the division property propagation of complex linear layers,and propose a new technique for selecting different methods depending on the Hamming weight of the input division property.Then,the algorithmic framework of this technique is given and a novel generalized constrained MILP model is constructed.Finally,this method is applied to the uBlock ciphers using MDBL matrices in the linear layer and the Saturnin ciphers using MDS matrices in the linear layer,and the current best integral distinguishers are obtained for the corresponding ciphers,respectively.