New Properties of the Double Boomerang Connectivity Table

Authors

  • Qianqian Yang State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
  • Ling Song College of Cyber Security, Jinan University, Guangzhou, China; National Joint Engineering Research Center of Network Security Detection and Protection Technology, Jinan University, Guangzhou, China
  • Siwei Sun School of Cryptology, University of Chinese Academy of Sciences, Beijing, China; State Key Laboratory of Cryptology, P.O. Box 5159, Beijing 100878, China
  • Danping Shi State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
  • Lei Hu State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China

DOI:

https://doi.org/10.46586/tosc.v2022.i4.208-242

Keywords:

boomerang attack, DBCT, cluster, CRAFT, TweAES, Deoxys-BC

Abstract

The double boomerang connectivity table (DBCT) is a new table proposed recently to capture the behavior of two consecutive S-boxes in boomerang attacks. In this paper, we observe an interesting property of DBCT of S-box that the ladder switch and the S-box switch happen in most cases for two continuous S-boxes, and for some S-boxes only S-box switch and ladder switch are possible. This property implies an additional criterion for S-boxes to resist the boomerang attacks and provides as well a new evaluation direction for an S-box. Using an extension of the DBCT, we verify that some boomerang distinguishers of TweAES and Deoxys are flawed. On the other hand, inspired by the property, we put forward a formula for estimating boomerang cluster probabilities. Furthermore, we introduce the first model to search for boomerang distinguishers with good cluster probabilities. Applying the model to CRAFT, we obtain 9-round and 10-round boomerang distinguishers with a higher probability than that of previous works.

Published

2022-12-07

Issue

Section

Articles

How to Cite

New Properties of the Double Boomerang Connectivity Table. (2022). IACR Transactions on Symmetric Cryptology, 2022(4), 208-242. https://doi.org/10.46586/tosc.v2022.i4.208-242