Lack of Unique Factorization as a Tool in Block Cipher Cryptanalysis
share
Linear (or differential) cryptanalysis may seem dull topics for a mathematician: they are about super simple invariants characterized by say a word on n=64 bits with very few bits at 1, the space of possible attacks is small, and basic principles are trivial. In contract mathematics offers an infinitely rich world of possibilities. If so, why is that cryptographers have ever found so few attacks on block ciphers? In this paper we argue that black-box methods used so far to find attacks in symmetric cryptography are inadequate and we work with a more recent white-box algebraic methodology. Invariant attacks can be constructed explicitly through the study of roots of the so-called Fundamental Equation (FE). We also argue that certain properties of the ring of Boolean polynomials such as lack of unique factorization allow for a certain type of product construction attacks to flourish. As a proof of concept we show how to construct a complex and non-trivial attack where a polynomial of degree 7 is an invariant for any number of rounds for a complex block cipher.
READ FULL TEXT
