Automatic search for ADD differential trails in block cipher XTEA. More...

#include "common.hh"
#include "adp-xor.hh"
#include "max-adp-xor.hh"
#include "adp-xor-fi.hh"
#include "max-adp-xor-fi.hh"
#include "adp-shift.hh"
#include "xtea.hh"
#include "adp-xtea-f-fk.hh"
#include "xtea-f-add-pddt.hh"

Functions
void	xtea_add_threshold_search (const int n, const int nrounds, const uint32_t npairs, const uint32_t round_key[64], const uint32_t round_delta[64], gsl_matrix A[2][2][2], gsl_matrix AA[2][2][2], double B[NROUNDS], double Bn, const differential_t diff_in[NROUNDS], differential_t trail[NROUNDS], uint32_t lsh_const, uint32_t rsh_const, std::multiset< differential_t, struct_comp_diff_p > diff_mset_p, std::set< differential_t, struct_comp_diff_dx_dy > *diff_set_dx_dy)

void	xtea_add_trail_search (uint32_t key[4], uint32_t round_key[64], uint32_t round_delta[64])

Detailed Description

Automatic search for ADD differential trails in block cipher XTEA.

Author: V.Velichkov, vesse.nosp@m.lin..nosp@m.velic.nosp@m.hkov.nosp@m.@uni..nosp@m.lu

Function Documentation

void xtea_add_threshold_search	(	const int	n,
		const int	nrounds,
		const uint32_t	npairs,
		const uint32_t	round_key[64],
		const uint32_t	round_delta[64],
		gsl_matrix *	A[2][2][2],
		gsl_matrix *	AA[2][2][2],
		double	B[NROUNDS],
		double *	Bn,
		const differential_t	diff_in[NROUNDS],
		differential_t	trail[NROUNDS],
		uint32_t	lsh_const,
		uint32_t	rsh_const,
		std::multiset< differential_t, struct_comp_diff_p > *	diff_mset_p,
		std::set< differential_t, struct_comp_diff_dx_dy > *	diff_set_dx_dy
	)

Automatic search for ADD differential trails in block cipher XTEA using pDDT.

Note: For more details on the algorithm see tea_add_threshold_search.

Parameters

n	index of the current round: $0 \le n < \mathrm{nrounds}$ .
nrounds	total number of rounds (NROUNDS).
npairs	number of chosen plaintext pairs (NPAIRS).
round_key	all round keys for the full XTEA.
round_delta	all round constants for the full XTEA.
A	transition probability matrices for $\mathrm{adp}^{\oplus}$ (adp_xor_sf).
AA	transition probability matrices for XOR with fixed input $\mathrm{adp}^{\oplus}_{\mathrm{FI}}$ (adp_xor_fixed_input_sf).
B	array containing the best differential probabilities for i rounds: $0 \le i < n$ .
Bn	the best found probability on rounds, updated dynamically.
diff_in	array of differentials.
trail	best found differential trail for `nrounds`.
lsh_const	LSH constant (TEA_LSH_CONST).
rsh_const	RSH constant (TEA_RSH_CONST).
diff_mset_p	set of differentials (the pDDT) ordered by probability p.
diff_set_dx_dy	set of differentials (the pDDT) ordered by index $i = (dx~ 2^{n} + dy)$ .

The outline of the array of bounds $B$ is the following:

: best probability for round.
: best probability for rounds.
$\ldots$
: best probability for rounds.
$\ldots$
: best probability for rounds.
: best probability for rounds.

See Also: tea_add_threshold_search.

void xtea_add_trail_search	(	uint32_t	key[4],
		uint32_t	round_key[64],
		uint32_t	round_delta[64]
	)

Search for ADD differential trails in block cipher XTEA: wrapper function for tea_add_threshold_search.

Parameters

key	cryptographic key of XTEA.
round_key	all round keys for the full XTEA.
round_delta	all round constants for the full XTEA.

Algorithm Outline:

The procedure operates as follows:

Compute a pDDT for F (xtea_f_add_pddt).
Adjust the probabilities of the pDDT to the round key and constant (adp_xtea_f_approx).
Execute the search for differential trails for rounds (n = NROUNDS) through a successive application of xtea_add_threshold_search :
- Compute the best found probability on 1 round: .
- Using compute the best found probability on 2 rounds: .
- $\ldots$
- Using $B[0],\ldots,B[i-1]$ compute the best found probability on rounds: .
- $\ldots$
- Using $B[0],\ldots,B[n-2]$ compute the best found probability on rounds: .
Print the best found trail on rounds on standrad output and terminate.

See Also: xtea_add_threshold_search, tea_add_trail_search

Functions

Detailed Description

Function Documentation